O'Reilly logo

CISSP: Certified Information Systems Security Professional Study Guide, 6th Edition by Darril Gibson, Mike Chapple, James M. Stewart

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Appendix A

Answers to Review Questions

Chapter 1: Access Control

1. C. The subject is active and is always the entity that receives information about or data from the object. A subject can be a user, a program, a process, a file, a computer, a database, and so on. The object is always the entity that provides or hosts information or data. The roles of subject and object can switch while two entities communicate to accomplish a task.

2. A. Access control mechanisms help to prevent losses, including any loss of confidentiality, loss of availability, or loss of integrity. Subjects authenticate on a system and objects are accessed. A first step in access control is the identification and authentication of subjects, but access control also includes ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required