
September 11, 2025 18 mins


Check us out at:  https://www.cisspcybertraining.com/

Get access to 360 FREE CISSP Questions:  https://www.cisspcybertraining.com/offers/dzHKVcDB/checkout

Get access to my FREE CISSP Self-Study Essentials Videos:  https://www.cisspcybertraining.com/offers/KzBKKouv

Dive into the complex world of security models as we unpack Domain 3.2 of the CISSP exam in this knowledge-packed episode. We begin by examining how the generative AI boom is creating significant privacy and cybersecurity challenges for organizations worldwide. Security professionals must now navigate data ownership questions, changing terms of service, and the risks of shadow AI usage – all while developing governance strategies that balance innovation with protection.

The spotlight then turns to the Chinese Wall model (Brewer-Nash), a fascinating security approach that originated in financial and legal industries. Unlike static models, this dynamic access control system creates metaphorical barriers between competing clients to prevent conflicts of interest. When a consultant accesses one company's sensitive data, they're automatically blocked from accessing a competitor's information – a concept every CISSP candidate needs to understand thoroughly.
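To make the dynamic nature of Brewer-Nash concrete, here is an added example (not code from the podcast or from CISSP Cyber Training) that implements the model's two rules over a constructed, in-memory policy: the simple rule (a subject may read a company's data only if it has not already read data of a different company in the same conflict-of-interest class) and the write rule (a subject may write to a company's data only if every company it has read belongs to that same company, which blocks indirect leakage through a third party's data). The dataset names, company names, conflict classes and the subject names are all assumptions made up for the example.

```python
"""Brewer-Nash (Chinese Wall) access checks over a constructed policy.

Assumed, not taken from the episode: each dataset belongs to one company,
each company sits in exactly one conflict-of-interest (COI) class, and the
monitor records every successful read per subject. Access decisions depend
on that history, which is what makes the model dynamic rather than static.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Dataset:
    name: str        # object identifier, e.g. "coke-merger-docs"
    company: str     # owning company, e.g. "Coca-Cola"
    coi_class: str   # conflict-of-interest class, e.g. "soft-drinks"


class ChineseWall:
    def __init__(self, datasets):
        self._objects = {d.name: d for d in datasets}
        # subject -> set of (coi_class, company) pairs already read
        self._history = {}

    def can_read(self, subject, dataset_name):
        """Simple security rule: no prior read of a competitor in the same class."""
        obj = self._objects[dataset_name]
        for coi, company in self._history.get(subject, set()):
            if coi == obj.coi_class and company != obj.company:
                return False  # a competitor's data was already read: blocked
        return True

    def can_write(self, subject, dataset_name):
        """*-rule: writing is allowed only if reading is allowed and the
        subject has read nothing belonging to any other company, so data
        cannot be carried from one client into another's files."""
        if not self.can_read(subject, dataset_name):
            return False
        obj = self._objects[dataset_name]
        return all(company == obj.company
                   for _, company in self._history.get(subject, set()))

    def read(self, subject, dataset_name):
        """Perform a read, recording it so later decisions see the history."""
        if not self.can_read(subject, dataset_name):
            raise PermissionError(f"{subject} may not read {dataset_name}")
        obj = self._objects[dataset_name]
        self._history.setdefault(subject, set()).add((obj.coi_class, obj.company))
        return obj


def demo():
    """Walk through the consultant scenario from the episode with made-up data."""
    wall = ChineseWall([
        Dataset("coke-merger-docs", "Coca-Cola", "soft-drinks"),   # constructed
        Dataset("pepsi-forecast", "Pepsi", "soft-drinks"),         # constructed
        Dataset("ford-supply-chain", "Ford", "automotive"),        # constructed
    ])
    result = {}
    wall.read("alice", "coke-merger-docs")                         # first touch: allowed
    result["coke_again"] = wall.can_read("alice", "coke-merger-docs")   # same company: True
    result["pepsi"] = wall.can_read("alice", "pepsi-forecast")          # competitor: False
    result["ford"] = wall.can_read("alice", "ford-supply-chain")        # other class: True
    result["bob_pepsi"] = wall.can_read("bob", "pepsi-forecast")        # clean history: True
    result["write_coke_before_ford"] = wall.can_write("alice", "coke-merger-docs")  # True
    wall.read("alice", "ford-supply-chain")
    result["write_coke_after_ford"] = wall.can_write("alice", "coke-merger-docs")   # False
    return result


if __name__ == "__main__":
    for decision, allowed in demo().items():
        print(f"{decision}: {'allowed' if allowed else 'denied'}")
```

Note that the write rule is stricter than the read rule on purpose: once Alice has read Ford's data she can still read Coca-Cola's files, but she can no longer write to them, because a later Pepsi consultant who is allowed to read Ford's data must not be able to find Coca-Cola material there.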

The heart of the episode features five challenging practice questions that explore critical security models: Bell-LaPadula's simple security property for preventing unauthorized access to classified information; Clark-Wilson's transaction integrity controls for financial systems; Brewer-Nash for managing consultant access to competing clients; the Non-Interference model for preventing covert channel leaks; and the Take-Grant model for controlling rights distribution. Each question comes with detailed explanations that clarify these concepts in practical, real-world contexts.

Whether you're preparing for the CISSP exam or expanding your cybersecurity knowledge, this episode provides valuable insights into how different security models address specific protection requirements. Ready to strengthen your understanding of these essential security frameworks? Visit CISSP Cyber Training for 360 free practice questions and additional resources to support your certification journey.


Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don’t miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!


Episode Transcript

Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
Welcome to the CISSP Cyber Training Podcast, where we provide you the training and tools you need to pass the CISSP exam the first time. Hi, my name is Sean Gerber and I'm your host for this action-packed, informative podcast. Join me each week as I provide the information you need to pass the CISSP exam and grow your cybersecurity knowledge.

(00:20):
All right, let's get started. Let's go.

Speaker 2 (00:24):
Let's go. Cybersecurity knowledge. All right, let's get started. Good morning everyone. It's Sean Gerber with CISSP Cyber Training and hope you all are having a beautifully blessed day today. Today is CISSP Question Thursday and we are putting together questions that are aligned specifically with the CISSP topic that we talked about on Monday, and today we're going to be talking about domain 3.2.

(00:47):
And that's the main focus specifically around the different various security models. But before we do, we had a quick article I wanted to bring to your attention, and then I also had a little bit of training that I wanted to add at the beginning based on some more research I had done as I was going through some of the questions. But before we get into that, there's the article and this is an interesting part when I'm working with my partners at NextPeak is how the generative AI boom opens up new privacy and

(01:10):
cybersecurity risks. So I don't know if you all are seeing the AI air quotes boom that's occurring right now and it's a pretty substantial thing that's affecting a lot of different companies and the point of it comes down to is that if you are not a CISO that is planning for this and you're having a good understanding of how this is all going to play out, or just a cybersecurity person in general, you're going to run into some problems and

(01:33):
we've been talking about this at NextPeak and with other partners that I have in other areas of cybersecurity that the AI, privacy and risks that are associated with it, along with others that have individuals using AI within their workplace, is going to come to a nexus at some point. So the article is from CSO Magazine and it talks about how it's going to be affecting this and they talk about it that

(01:56):
you're going to have to have a strategy as a security professional to deal with the potential issues from the account from both shielding who owns the data and preventing AI from becoming a security breach, and we talk about this a lot in the CISSP Cyber Training is data ownership and who owns the specific data and who is controlling the data, and you're really going to have

(02:17):
to define that. And one of my partners at NXP, Byron, he made a comment about making sure that the data itself has proper ownership, but how it is being properly classified from a business standpoint. So I do agree completely with that. Now the article gets into different aspects around your changing of the terms of service, so how it's being used.

(02:38):
You're going to need to keep tabs on that from a terms of service of using AI. Platforms such as WeTransfer, Slack and others are basically increasingly claiming rights to user data for AI training. So if you have individuals that are using this, they're collecting the data and they're using it.

(02:59):
They're saying, hey, now we own this data, so this kind of can cause some concerns with the company. So you need to make sure you, as an individual and a security professional, are working with your legal teams to understand the terms of service on each of these. It's really a pretty big deal. Shadow AI in the workplace: employees are using things like ChatGPT much more frequently for work tasks without approval,

(03:21):
and I saw this before I left Koch Industries. That is a big, big deal. Right, we were putting a pretty big kibosh on it and trying to control what was happening with the data, but when it comes right down to it, a lot of companies are not controlling that data. They are not doing it at all and therefore they're just letting their people put the stuff out there and we don't know what's happening with the information, and a lot of it can

(03:42):
be very proprietary or sensitive, so need to really have a good handle on that. Privacy and security risks. The AI platform basically ingests large amounts of data which can be exploited if a breach were to occur. So you need to make sure that you understand that and users' errors, such as making charts, publications and other areas available to ChatGPT can actually increase your

(04:05):
confidential information out there, and so, as a security professional, you must balance basically enabling AI adoption with ensuring security and ethical use. You need to reach out to companies that can help you with this risk assessments and understanding the overall risk to your organization. NextPeak, one of the partners that I'm with, can help you with that specific situation.

(04:25):
You may want to look at it and just kind of consider what is your exposure from a business standpoint, and then, basically, the key takeaway from all this article is organizations will need to have a clear AI governance terms plan and then review the terms of service, restrict shadow IT and train your employees, and these are kind of the things we've been talking about with CISSP for quite some time that you're

(04:48):
going to need to make sure that you have your people trained, you understand the risk to your organization and you do truly understand the terms of service that you're getting yourself into when it comes to some of these different types of platforms that are out there. So, again, this is from CSO. It's how generative AI boom opens up new privacy and cybersecurity risks.

(05:09):
Okay, so let's get into some a little bit of training. I want to start before we get into the questions. I've got five very important questions that are going to kind of help challenge your thought process around the domain 3.2 and then maybe help educate you a little bit on that as well. So let's get started. Okay, so one of the questions that came up that I've actually seen people talk about is and I mentioned it in the last in the

(05:31):
episode for training is the Chinese wall model, and this deals with Brewer and Nash. So what exactly is the Chinese wall model? So let's just kind of get into that a little bit and then we'll get into the questions. So the term Chinese wall comes from the financial and legal industries and it basically comes down to they want to create a barrier between ethical and information, and this is

(05:52):
basically set up inside the organization, such as investment banks, law firms and so forth, and it's to help prevent conflicts of interest between the two. So we talked about this a little bit, of this example in the training on Monday. But one of the things is, an example would be as an investment banker is advising company A on a merger and they must not access information

(06:13):
about company B if the firm is advising them right, because that could cause unfair advantage between the two companies. We mentioned the same kind of concept between having your consultant working in two different companies. So you're trying to create this wall between the two so that there isn't information shared between them to prevent conflicts of interest. And the purpose of conflicts of interest to avoid that is to

(06:35):
create trust in this overall model. So the security model connection and how this plays out is a Brewer-Nash model which was created in 1989, formalizes into an access control model and it prevents the subject, basically the user, the consultant, analyst, whoever that might be, who has access to the sensitive data about one client or organization, from later accessing sensitive data

(06:57):
about a competing client. So again, the differences between the static classification of the Bell-LaPadula, the Biba, is that this is dynamic. This happens, the decisions may have happened. At one point you know you were a consultant doing something and then you're a consultant on a competitor in the future. This is designed to help understand, create that wall of

(07:18):
segregation between what you did in the past and what you're doing right now. So in financial firms, the reason the Chinese wall comes up is that it's a financial firms. The wall is a metaphorical barrier separating the departments or the clients, right? That's the ultimate point of this. You can call the Chinese wall, you can call it the walled garden, you can call it whatever you want to call it.

(07:38):
The ultimate goal is that if you're on one side of the wall, you're blocked from accessing information of the other. So once you cross the wall to go to one side, you cannot access the information on the other side. Now, that doesn't mean you haven't used some of the stuff in your brain, but you don't want to be able to use data from one side to the next, and that's again that's something they're trying to break down and not have to have any sort of

(07:59):
conflicts of interest. So an example a kind of a real world example would be is a consulting firm is advising Coca-Cola, right? Or Pepsi? Well, we're going to get into Pepsi here in a minute, but anything, I'm just picking Coke as an example, one consultant accesses Coke's database, Brewer-Nash model blocks them from accessing Pepsi's database to avoid conflict of interest.

(08:19):
So again, same concept you could still work on Ford or Chevy or whatever, because they're not a competitor in the same conflict class. So that's the ultimate point is that you can work on different items, but you can't have both in the same financial institution. Now where it would get kind of potentially squishy is if you were Coca-Cola and you were then working on as a consultant

(08:42):
with information that maybe feeds products or some sort of chemical not chemicals, what's the right word a supply chain that goes into Pepsi's products that maybe would be similar between Pepsi and Coca-Cola, then it can get a little squishy. But the bottom line of it is that you're trying to break this up so that you don't have an unfair advantage in relating to

(09:03):
the different types of capabilities. Unlike our congressmen in the US government, where they have all kinds of insider trading and they can make millions just because they're there. That's a different topic and, yes, that is way off topic of security, but it's very true because, if you look at it from a government standpoint, they have access to a lot of information that allows them to make trades on their behalf and,

(09:26):
as such, they make a lot of money where the rest of us don't have that same information. So the goal is again creating a walled garden between the fact that what the information you have access to and the information you can actually act upon. So same kind of concept, sort of sort of. All right, so let's get into some of the questions we're going to talk about today. Okay, so you can get all of this at CISSP Cyber Training.

(09:49):
Again, plug for me. I've got to put that out there because, again, it's CISSP Cyber Training. The products out there are out there because we provide the content and the platform for you. So, again, go check it out. There's a lot of free stuff there. There's also some paid stuff which pays for the platform. So if you see anything out there that you need, go for it,

(10:15):
look at it, see what you can do with it. I have basically the basic version, which can get you all the free content that you need. Not a big deal. It's all free and available to you. Just got to give me your email address and then you can have access to it. This is from my deep dive stuff that I have available for going over every single of the domains to include free CISSP questions. It's all there and available to you free. If you want more deep dive, you want to get access to the videos? You want access to the content, both audio and video.

(10:36):
If you want access to me, because there's a mentoring that's involved with that, go check out what I've got to offer at the CISSP Cyber Training as well.

Speaker 1 (10:44):
So there's the paid products and the free stuff.

Speaker 2 (10:46):
So let's roll into what we're going to talk about today with these five deep dive questions focused on domain 3.2. Okay, question one. A defense contractor is building a system to handle documents classified as top secret, secret and confidential. The company is most concerned that users with lower clearances should never be able to read information above their

(11:08):
clearance level. Which security model best enforces this requirement? A, the star property of Bell-LaPadula. B, the simple security property of the Bell-LaPadula. C, the integrity axiom of Biba, or D, the strong tranquility principle. Okay, which one is it?

(11:29):
Well, you might be going okay, well, what is the strong tranquility principle? Never, ever talked about that. Well, the strong tranquility principle basically says that security labels do not change during the system's operation, which is not really any concern on the situation. So it wouldn't be one that you would want. The axiom of Biba, right, that sounds kind of like a movie.

(11:50):
Biba's integrity axiom is about basically no read down and no write up for integrity, not specifically for confidentiality, and we are concerned about confidentiality. So, when it comes down to it is that the overall simple security property is the best one. It's the no read up and it's basically a subject at a lower

(12:10):
clearance cannot read objects at a higher classification level. So again, it's different than the Biba's integrity axiom, which is no read down. This is where you have no read up and this one directly applies to this specific situation, because the clearances you don't want to be able to read from a secret to a top secret. Question two. A bank is designing a transaction processing system.

(12:30):
The goal is to ensure only well-formed transactions are executed, to prevent unauthorized users from manipulating account balances and enforcing separation of duties between employees. Again, separation of duties is SOD. Which model best addresses these concerns? A, the Biba model, B, the Clark-Wilson model, C, the Bell-LaPadula model or D, the Brewer-Nash Chinese wall model.

(12:52):
The answer is B, the Clark-Wilson model. Now, the Clark-Wilson model enforces well-formed transactions, separation of duties and certification rules. This is what you want for financial systems, ideally. But the Biba is focused on integrity, which is basically no read down, no write up, but does not enforce separation of duties or well-formed transactions.

(13:13):
And then the Bell-LaPadula is obviously for confidentiality, not integrity of business rules. And then the Brewer-Nash, we talked about the Chinese wall. Parts of this is it prevents conflicts of interest such as consulting and investment. So this one really doesn't fit the overall piece around separation of duties in this case. So it's focused around conflicts of interest. So the answer is Clark-Wilson.

(13:37):
Question three. A research firm hires consultants who may work with multiple clients in the same industry. Oh, I wonder what that one is. The company must prevent consultants from accessing data on competing clients once they begin working on one client's project. Which security model should be applied? Okay, we just kind of talked about this one. So which one is it? Hmm, things that make you go

(13:58):
hmm. Well, let's see, the Clark-Wilson is A, Bell-LaPadula is B, the Brewer-Nash is C and the Harrison-Ruzzo-Ullman is D. So HRU is theoretically a model about rights assignment. So we know that that one is probably not it at all, because it's about revocation, not conflict of interest. Bell-LaPadula enforces confidentiality, but again, it's

(14:20):
not client-based conflicts which we've talked about. And then the Clark-Wilson is a transaction integrity-focused only and it's not for dynamic conflicts that may be occurring. So the answer would be yes, it would be C, the Brewer-Nash Chinese wall model. We talked about this. You're client A, you're a consultant working on client A you do not have access to, and then you begin to work for

(14:41):
client B at a future point, you do not have access back to client A's information again. That's to prevent conflicts of interest. Question five. A military system is required to ensure that actions at the top secret level do not have any observable effect on the processes at the confidential or unclassified levels, even indirectly.

(15:02):
Which model best enforces this? Okay, so A, the Biba, B, the Graham-Denning, C, the Bell-LaPadula and D, the non-interference model. Okay, so which one best enforces this? So the Biba, let's talk about it. It protects integrity and it's not information flow between the high and low levels, which is what top secret and secret are,

(15:26):
or top secret and confidential. Biba protects integrity, not information flow between the high and low levels. We talked about that. Graham-Denning defines the rights and operations for the object slash subject management, but does not prevent covert leakage. And then Bell-LaPadula enforces no read-up and no write-down but doesn't fully prevent obviously subtle interference between

(15:47):
these covert channels. So which is the right answer? The right answer is the non-interference one. This is where it ensures higher-level actions do not influence lower-level states, preventing obviously covert channel leaks between the two. And we've talked about covert channel leaks in various aspects of the CISSP Cyber Training. So if you want to go back to a previous episode, you can go and

(16:09):
check that out. Question five. A cloud provider must design a system that ensures creation, deletion and transfer of rights between users and objects is strictly controlled. Say transfer. So anything deletion, transfer, any of those things are strictly controlled. Of rights, right, the model should specify how subjects can be created and how their rights are transferred.

(16:31):
Which model best addresses this need? Okay, so we're dealing with rights. So we have A, the Take-Grant model, B, the Biba model, C, the Bell-LaPadula model, or D, the Brewer-Nash model? Okay, so, based on what we've talked about, the Brewer-Nash model is a Chinese wall. This one does not affect anything that deals with rights. It's focused specifically around conflicts of interest.

(16:51):
So you could throw that one away. Bell-LaPadula enforces confidentiality rules and is not defined around rights distribution. The Biba model is around integrity but not around rights transfer. So which one is left? It is the Take-Grant model because it specifically talks about taking and granting rights, air quotes, of objects.

(17:13):
So you know that if you're dealing with rights or you're taking it and you're granting rights, then it is ideal for modeling rights distribution and therefore that would be the most correct answer. So, again, Take-Grant is around rights, so I hope that kind of helped around those areas. Okay, that's all I've got for you today. Head on over to CISSP Cyber Training. You can get access to these questions, as well as many, many

(17:35):
more. I've got over a thousand different CISSP questions that are out there and available for you. They're all out there at CISSP Cyber Training. Go check it out. It's an awesome site. We are just. Things are growing very quickly at CISSP Cyber Training. We have lots and lots of great content and we are helping a lot of people be successful at the CISSP. So go check it out, see what you think.

(17:55):
Let me know if you have anyquestions.

(18:21):
If you like what you heard, please leave a review on iTunes, as I would greatly appreciate your feedback. Also, check out my videos that are on YouTube and just head to my channel at CISSP Cyber Training and you will find a plethora, or a cornucopia, of content to help you pass the CISSP exam the first time.

(18:43):
Lastly, head to CISSP Cyber Training and sign up for 360 free CISSP questions to help you in your CISSP journey. Thanks again for listening.