Certified Information Systems Security Professional (CISSP) — Question 308
Which of the following is a limitation of the Bell-LaPadula model?
Answer options
- A. Segregation of duties (SoD) is difficult to implement as the "no read-up" rule limits the ability of an object to access information with a higher classification.
- B. Mandatory access control (MAC) is enforced at all levels making discretionary access control (DAC) impossible to implement.
- C. It contains no provision or policy for changing data access control and works well only with access systems that are static in nature.
- D. It prioritizes integrity over confidentiality which can lead to inadvertent information disclosure.
Correct answer: C
Explanation
The correct answer is C because the Bell-LaPadula model is designed for static access control and does not accommodate changing data access policies. Options A and B are incorrect because what they describe does not pertain to the Bell-LaPadula model's limitations, while D mischaracterizes the model's focus, which is primarily on confidentiality, not integrity.