Explanation/Reference:
Explanation:
The Bell-LaPadula Model (abbreviated BLP) is a state machine model used for enforcing access control in government and military applications. It was developed by David Elliott Bell and Leonard J. LaPadula, subsequent to strong guidance from Roger R. Schell to formalize the U.S. Department of Defense (DoD) multilevel security (MLS) policy. The model is a formal state transition model of computer security policy that describes a set of access control rules which use security labels on objects and clearances for subjects. Security labels range from the most sensitive (e.g., "Top Secret"), down to the least sensitive (e.g., "Unclassified" or "Public").
Incorrect Answers:
B: The Biba Model describes a set of access control rules designed to ensure data integrity. It is not used for enforcing access control in government and military applications.
C: The Sutherland model is an information flow model. It is not used for enforcing access control in government and military applications.
D: The Brewer and Nash Model deals with conflict of interest. It is not used for enforcing access control in government and military applications.
References:
https://en.wikipedia.org/wiki/Bell-LaPadula_model

PKI - Public Key Infrastructure is an infrastructure of hardware, software, people,
policies and procedures that makes use of the technology to provide some sort of confidentiality,
integrity and authenticity as well as non-repudiation in our daily digital lives.
In the case of the email threat, the fact that the email was digitally signed by the sender proves
that he is guilty of conveying the threat. Non-repudiation is the aspect of PKI that proves that
nobody else could have digitally signed the email using his private key that exists only on his
identity card.
In the Digital World:
Regarding digital security, the cryptological meaning and application of non-repudiation shifts to
mean:
A service that provides proof of the integrity and origin of data.
An authentication that can be asserted to be genuine with high assurance .
Proof of data integrity is typically the easiest of these requirements to accomplish. A data hash,
such as SHA2, is usually sufficient to establish that the likelihood of data being undetectably
changed is extremely low. Even with this safeguard, it is still possible to tamper with data in transit,
either through a man-in-the-middle attack or phishing. Due to this flaw, data integrity is best
asserted when the recipient already possesses the necessary verification information.
The most common method of asserting the digital origin of data is through digital certificates, a
form of public key infrastructure, to which digital signatures belong. They can also be used for
encryption. The digital origin only means that the certified/signed data can be, with reasonable
certainty, trusted to be from somebody who possesses the private key corresponding to the
signing certificate. If the key is not properly safeguarded by the original owner, digital forgery can
become a major concern.
The following answers are incorrect:
-The digital signature of the recipient: No, this isn't right. The recipient's signature won't indict the sender of the threat. The sender's digital signature will prove his involvement.
-Authentication: This is incorrect. Authentication is the process of proving one's identity.
-Integrity: Sorry, this isn't the right answer either. Integrity in PKI only verifies that messages and content aren't altered in transit.
The following reference(s) was used to create this question: http://en.wikipedia.org/wiki/Non-repudiation

Documenting business processes is an important step in Business Continuity Planning (BCP), as it provides an understanding of the organization's interdependencies, such as the people, resources, systems, and functions that are involved in each process. This helps to identify the critical processes that need to be prioritized and protected, as well as the potential impact of a disruption on the organization's operations and objectives12. References: 1: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 10, page 10092: CISSP For Dummies, 7th Edition, Chapter 10, page 339.