[ISSA_Brasil] CAC2 - QUESTÃO 26 (DÚVIDA SURGIDA NESTE SÁBADO 15-02-2014)

[Jaime Orts Y Lugo]

Questão 26 do  CIC2 Teste CISSP 01 está baseada na questão 5 do Domínio de
Arquitetura do CBK Second Edition.

A correção da questão 5 encontra-se na página 902 do referido livro.

Pela explicação da questão a resposta correta deveria ser Security Model ao
invés de Security Policy.

Gostaria de saber se alguém tem o arquivo contendo as “erratas”do CBK Second
Edition. 

Interessados favor entrar em PVT comigo.

 

 

5. Which of the following describes the rules that need to be implemented to

ensure that the security requirements are met?

 

a. Security kernel

b. Security policy

c. Security model

d. Security reference monitor

 

Correct answer is b. 

 

Security policy documents the security requirements of

an organization. Subsequently, a security model is a specification that
describes

the rules to be implemented to support and enforce the security policy. 

 

While the security policy provides the “What” requirements needs to be met,
the

security model provides “HOW” (the rules by which) the requirements will

be met. 

 

The part of the operating system where security features are located

is the security kernel. 

 

Security reference monitor is the tamperproof module that controls the
access request of software to either the data or the system.

Page 682.

-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://issa.org.br/pipermail/associados_issa.org.br/attachments/20140217/cbee7cce/attachment.htm>