July 22, 2018

The Clark-Wilson model is for upholding integrity.  

Just like the Biba Model – which is also for upholding integrity.

They're not for confidentiality.  That’s what the Bell-LaPadula model is for. 

And it’s not availability.  That’s what backups, high-availability firewalls, offsite storage, hot sites, cold sites, warm sites are for.  But, you know,...

July 3, 2018

Attribute-based access control is a new topic for the April CISSP exam update.  It is a more dynamic, flexible, context-aware and adaptive type of access control method.  

When we are talking about access control methods we are talking about things like Role-Based Access Control, Discretionary Access Control or Mandatory Access Control.  ABAC can...

November 30, 2017

Become a member to view the rest of the video:

Hard Token Implementation

Look Up Secret Token

  • Consists of a claimant and a verifier 

  • Uses grid-cards which consists of rows and columns

  • Both the claimant and the verifier have the same grid-card

  • How it works: 

    • Claimant wants to access a remot...

October 17, 2017

Do you really need to know every single NIST document word for word? 

Answer: No

Are NIST documents an incredible source of learning material to expand your knowledge and provide clarity for the CISSP exam? 

Answer: Yes

Do the actual study guide books and practice exam question engines use NIST documents as their references when trying to explain topics?

August 28, 2017

The Bell-LaPadula security model deals with the preservation of confidentiality, and only confidentiality.  Why? Because the government is all about keeping secrets.  Lots of different types of secrets with varying levels of secrecy that require different types of classification labels.  

Example 1

The truth about the existence of space aliens wou...

Please reload

© 2013 Study Notes and Theory
Terms and Conditions/Privacy Policy

Proudly created to make you

a better security professional.