Certified Information Systems Security Professional (CISSP) — Question 194

A security architect is reviewing an implemented security framework. After the review, the security architect wants to enhance the security by implementing segregation of duties (SoD) to address protection against fraud. Which security model BEST protects the integrity of data?

Answer options

• A. The Brewer-Nash model
• B. The Biba Integrity model
• C. The Bell-LaPadula model
• D. The Clark-Wilson model

Correct answer: D

Explanation

The Clark-Wilson model is designed to ensure data integrity through well-formed transactions and separation of duties, making it the best choice for preventing fraud. In contrast, the Brewer-Nash model focuses on confidentiality, the Biba Integrity model emphasizes preventing data corruption, and the Bell-LaPadula model is primarily concerned with maintaining confidentiality rather than integrity.