224. b. A reference monitor concept is an access control concept that refers to an abstract machine (computer) that mediates all accesses to objects by subjects. The five design requirements that must be met by a reference validation mechanism include (i) it must be tamperproof, (ii) it must not be bypassed, (iii) it must always be invoked, (iv) it must be small enough to be subject to analysis and tests, and (v) it must provide confidence that the other four items are assured. The reference monitor concept is useful to any system providing multilevel secure computing facilities and controls.
225. Which of the following application system development approaches best brings the operational viewpoint to the requirements specification phase?
a. Waterfall model
b. Incremental development model
c. Evolutionary development model
d. Rapid prototyping model
225. d. Due to its iterative process and end-user involvement, the rapid prototype model brings the operational viewpoint to the requirements specification phase. Requirements are defined, refined, tested, and changed until the end user cannot change it any more. Later, these requirements will become input to the design work.
Waterfall model is incorrect because it will not bring the operational viewpoint to the requirements phase until the system is completely implemented. Although the incremental development model and the evolutionary development models are better than the waterfall model, they are not as good as rapid prototyping in terms of bringing the operational viewpoint to the requirements specification.
Scenario-Based Questions, Answers, and Explanations
Use the following information to answer questions 1 through 11.
The RGO Company is undertaking a new business process that represents a 15 percent increase in volume and a 10 percent increase in the number of employees. The business is dependent on software to run remote processing. The new process needs to be tested fully before implementation. To maintain the stability of the current business and create a smooth transition to the new business process, the company is going to employ a system development life cycle (SDLC) methodology. RGO cannot afford to fail.
1. Security categorization is performed in which of the following phases of an SDLC methodology?
a. Initiation
b. Development/acquisition
c. Implementation
d. Operations/maintenance
1. a. Security categorization standards provide a common framework for expressing security needs. Categorization is based on an assessment of the potential impact (i.e., low, moderate, or high) that a loss of confidentiality, integrity, or availability of information systems would have on organizational operations, organizational assets, or individuals. It is a task performed in the initiation phase.
2. Security planning is performed in which of the following phases of an SDLC?
a. Initiation
b. Development/acquisition
c. Implementation
d. Operations/maintenance
2. b. Security planning ensures that agreed-upon security controls, whether planned or in place, are fully documented. It is a task performed in the development/acquisition phase.
3. Security certification and accreditation is performed in which of the following phases of an SDLC?
a. Initiation
b. Development/acquisition
c. Implementation
d. Operations/maintenance
3. c. Security certification ensures that the controls are effectively implemented through established verification techniques and procedures and gives an organization confidence that the appropriate safeguards and countermeasures are in place to protect the organization’s information systems. Security accreditation provides the necessary security authorization of an information system to process, store, or transmit information that is required. Both security certification and accreditation tasks are performed in the implementation phase.
4. Configuration management and control is performed in which of the following phases of an SDLC?
a. Initiation
b. Development/acquisition
c. Implementation
d. Operations/maintenance
4. d. Configuration management and control ensures adequate consideration of the potential security impacts due to specific changes to an information system or its surrounding environment. It is a task performed in the operation/maintenance phase.
