In a MAC environment implementing Bell-LaPadula, a subject with Secret clearance attempts to read an object classified as Confidential and write to an object classified as Top Secret. Which operations are permitted?
Read down (Secret→Confidential) and write up (Secret→Top Secret) are both permitted.
Why this answer
In Bell-LaPadula, the Simple Security Property (no read up) prevents a subject from reading an object at a higher classification, but reading down is allowed. The *-Property (no write down) prevents writing to a lower classification, but writing up is allowed. Since the subject has Secret clearance, reading Confidential (lower) is permitted, and writing to Top Secret (higher) is permitted, so both operations are allowed.
Exam trap
ISC2 often tests the misconception that both read and write must be at the same clearance level, but Bell-LaPadula actually allows reading down and writing up, not the reverse.
How to eliminate wrong answers
Option A is wrong because it claims read is denied, but reading down (Secret reading Confidential) is allowed by the Simple Security Property. Option C is wrong because it claims write is denied, but writing up (Secret writing to Top Secret) is allowed by the *-Property. Option D is wrong because it claims both are denied, but both operations are actually permitted under Bell-LaPadula rules.