Which of the following is not one of the three goals of Integrity addressed by the Clark-Wilson model?
A.
Prevention of the modification of information by unauthorized users.
B.
Prevention of the unauthorized or unintentional modification of information by authorized users.
C.
Preservation of the internal and external consistency.
D.
Prevention of the modification of information by authorized users.
Explanation:
Prevention of the modification of information by authorized users is not one of the three goals of integrity
addressed by the Clark-Wilson model.
Clark-Wilson addresses the following three goals of integrity in its model:
Prevent unauthorized users from making modifications
Prevent authorized users from making improper modifications (separation of duties)
Maintain internal and external consistency (well-formed transaction)
The Clark-Wilson model enforces the three goals of integrity by using access triple (subject, software [TP],
object), separation of duties, and auditing. This model enforces integrity by using well-formed transactions
(through access triple) and separation of duties.
Incorrect Answers:
A: Prevention of the modification of information by unauthorized users is one of the three goals of integrity
addressed by the Clark-Wilson model.
B: Prevention of the unauthorized or unintentional modification of information by authorized users is one of the
three goals of integrity addressed by the Clark-Wilson model.
C: Preservation of the internal and external consistency is one of the three goals of integrity addressed by the
Clark-Wilson model.Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 374