The Reference Validation Mechanism that ensures the authorized access relationships between subjects and objects is implementing which of the following concept:
Suggested Answer:A🗳️
The reference monitor concept is an abstract machine that ensures that all subjects have the necessary access rights before accessing objects. Therefore, the kernel will mediates all accesses to objects by subjects and will do so by validating through the reference monitor concept. The kernel does not decide whether or not the access will be granted, it will be the Reference Monitor which is a subset of the kernel that will say YES or NO. All access requests will be intercepted by the Kernel, validated through the reference monitor, and then access will either be denied or granted according to the request and the subject privileges within the system. 1. The reference monitor must be small enough to be full tested and valided 2. The Kernel must MEDIATE all access request from subjects to objects 3. The processes implementing the reference monitor must be protected 4. The reference monitor must be tamperproof The following answers are incorrect: The security kernel is the mechanism that actually enforces the rules of the reference monitor concept. The other answers are distractors. Shon Harris, All In One, 5th Edition, Security Architecture and Design, Page 330 also see http://en.wikipedia.org/wiki/Reference_monitor
Currently there are no comments in this discussion, be the first to comment!
This section is not available anymore. Please use the main Exam Page.SSCP Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Comments