2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet313/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   309   310   311   312   313   314   315   316   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

System High Mode
System high mode
systems have slightly different requirements that 
must be met by users: 

Each user must have a valid security clearance that permits access to all information 
processed by the system. 

Each user must have access approval for all information processed by the system. 

Each user must have a valid need to know for some information processed by the sys-
tem but not necessarily all information processed by the system.
Note that the major difference between the dedicated mode and the system high mode is 
that all users do not necessarily have a need to know for all information processed on a 
system high mode computing device. Thus, although the same user could access both a 
dedicated mode system and a system high mode system, that user could access all data on 
the former but be restricted from some of the data on the latter. 
Compartmented mode
Compartmented mode
systems weaken these requirements one 
step further: 

Each user must have a valid security clearance that permits access to all information 
processed by the system. 

Each user must have access approval for any information they will have access to on 
the system. 

Each user must have a valid need to know for all information they will have access to 
on the system.
Notice that the major difference between compartmented mode systems and system high 
mode systems is that users of a compartmented mode system do not necessarily have 

Assess and Mitigate Security Vulnerabilities 
331
access approval for all the information on the system. However, as with system high and 
dedicated systems, all users of the system must still have appropriate security clearances. 
In a special implementation of this mode called
compartmented mode workstations 
(CMWs)
, users with the necessary clearances can process multiple compartments of data 
at the same time. 
CMWs require that two forms of security labels be placed on objects: sensitivity levels and 
information labels. Sensitivity levels describe the levels at which objects must be protected. 
These are common among all four of the modes. Information labels prevent data overclas-
sifi cation and associate additional information with the objects, which assists in proper and 
accurate data labeling not related to access control. 

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   309   310   311   312   313   314   315   316   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish