Erich Winkler (@cybersecerich): "There are over a dozen security models in the CISSP exam. Bell-LaPadula. Biba. Clark-Wilson. Brewer-Nash. Take-Grant. Most candidates try to memorize all of them. There is a simpler way. Two questions answer almost every security model scenario on the exam: What does this m…"

There are over a dozen security models in the CISSP exam.

Bell-LaPadula. Biba. Clark-Wilson. Brewer-Nash. Take-Grant.

Most candidates try to memorize all of them.

There is a simpler way.

Two questions answer almost every security model scenario on the exam:

What does this model protect - confidentiality or integrity?

Who controls the access rules - the user or the system?

Answer those two questions and the right model becomes obvious.

Stop Memorizing Security Models: Use This 2-Question CISSP Filter

May 20

1:00 AM