Topic 1: Access Control
Which of the following is the FIRST step in protecting data's confidentiality?
A.
Install a firewall
B.
Implement encryption
C.
Identify which information is sensitive
D.
Review all user access rights
Identify which information is sensitive
The first step is to identify which information is sensitive, in order to protect the
confidentiality of the data.
The following answers are incorrect because:
Install a firewall is incorrect, as this would come after the information has been identified and
classified by sensitivity level. Implement encryption is also incorrect, as this is one of the
mechanisms used to protect the data once it has been identified.
Review all user access rights is also incorrect, as this is also a protection mechanism for the
identified information.
Reference : Shon Harris AIO v3 , Chapter-4 : Access Control , Page : 126
In biometric identification systems, the parts of the body conveniently available for
identification are:
A.
neck and mouth
B.
hands, face, and eyes
C.
feet and hair
D.
voice and neck
hands, face, and eyes
Today, implementation of fast, accurate, reliable, and user-acceptable
biometric identification systems is already under way. Because most identity
authentication takes place when people are fully clothed (neck to feet and wrists), the
parts of the body conveniently available for this purpose are the hands, face, and eyes.
From: TIPTON, Harold F. & KRAUSE, MICKI, Information Security Management
Handbook, 4th Edition, Volume 1, Page 7.
What is the PRIMARY use of a password?
A.
Allow access to files
B.
Identify the user.
C.
Authenticate the user.
D.
Segregate various users' accesses.
Authenticate the user.
Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation
Which authentication technique best protects against hijacking?
A.
Static authentication
B.
Continuous authentication
C.
Robust authentication
D.
Strong authentication
Continuous authentication
Continuous authentication provides protection against impostors who can
see, alter, and insert information passed between the claimant and verifier even after the
claimant/verifier authentication is complete. This is the best protection against hijacking.
Static authentication is the type of authentication provided by traditional password schemes
and the strength of the authentication is highly dependent on the difficulty of guessing
passwords. The robust authentication mechanism relies on dynamic authentication data
that changes with each authenticated session between a claimant and a verifier, and it
does not protect against hijacking. Strong authentication refers to a two-factor
authentication (like something a user knows and something a user is).
Source: TIPTON, Harold F. & KRAUSE, Micki, Information Security Management
Handbook, 4th edition (volume 1), 2000, CRC Press, Chapter 3: Secured Connections to
External Networks (page 51).
Which of the following questions is less likely to help in assessing identification and
authentication controls?
A.
Is a current list maintained and approved of authorized users and their access?
B.
Are passwords changed at least every ninety days or earlier if needed?
C.
Are inactive user identifications disabled after a specified period of time?
D.
Is there a process for reporting incidents?
Is there a process for reporting incidents?
Identification and authentication is a technical measure that prevents
unauthorized people (or unauthorized processes) from entering an IT system. Access
control usually requires that the system be able to identify and differentiate among users.
Reporting incidents is more related to incident response capability (operational control)
than to identification and authentication (technical control).
Source: SWANSON, Marianne, NIST Special Publication 800-26, Security Self-Assessment
Guide for Information Technology Systems, November 2001 (Pages A-30 to A-32).
Which of the following is NOT a form of detective administrative control?
A.
Rotation of duties
B.
Required vacations
C.
Separation of duties
D.
Security reviews and audits
Separation of duties
Detective administrative controls warn of administrative control violations.
Rotation of duties, required vacations and security reviews and audits are forms of
detective administrative controls. Separation of duties is the practice of dividing the steps in
a system function among different individuals, so as to keep a single individual from
subverting the process, thus a preventive control rather than a detective control.
Source: DUPUIS, Clément, Access Control Systems and Methodology CISSP Open Study
Guide, version 1.0 (March 2002).
Like the Kerberos protocol, SESAME is also subject to which of the following?
A.
timeslot replay
B.
password guessing
C.
symmetric key guessing
D.
asymmetric key guessing
password guessing
SESAME is an authentication and access control protocol that also supports
communication confidentiality and integrity. It provides public key based authentication
along with Kerberos-style authentication, which uses symmetric key cryptography.
SESAME supports the Kerberos protocol and adds some security extensions such as public key
based authentication and an ECMA-style Privilege Attribute Service.
Users under SESAME can authenticate using either symmetric encryption, as in
Kerberos, or public key authentication. When using symmetric key authentication as in
Kerberos, SESAME is vulnerable to password guessing just as Kerberos is.
The symmetric key being used is based on the password the user entered when logging
on to the system. If the user has a simple password, it could be guessed or compromised. Even
though Kerberos or SESAME may be used, there is still a need for strong password
discipline.
The basic mechanism in SESAME for strong authentication is as follows:
The user sends a request for authentication to the Authentication Server as in Kerberos,
except that SESAME makes use of public key cryptography for authentication: the
client presents his digital certificate and the request is signed using a digital
signature. The signature is communicated to the authentication server through the
preauthentication fields. Upon receipt of this request, the authentication server verifies
the certificate, then validates the signature, and if all is fine the AS issues a ticket granting
ticket (TGT) as in Kerberos. This TGT is used to communicate with the privilege
attribute server (PAS) when access to a resource is needed.
Users may authenticate using either a public key pair or a conventional (symmetric) key. If
public key cryptography is used, public key data is transported in preauthentication data
fields to help establish identity.
Kerberos uses tickets for authenticating subjects to objects, whereas SESAME uses Privilege
Attribute Certificates (PACs), which contain the subject's identity, access capabilities for the
object, access time period, and lifetime of the PAC. The PAC is digitally signed so that the
object can validate that it came from the trusted authentication server, which is referred to
as the privilege attribute server (PAS). The PAS holds a role similar to that of the KDC within
Kerberos. After a user successfully authenticates to the authentication service (AS), he is
presented with a token to give to the PAS. The PAS then creates a PAC for the user to present
to the resource he is trying to access.
Reference(s) used for this question:
http://srg.cs.uiuc.edu/Security/nephilim/Internal/SESAME.txt
and
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten
Domains of Computer Security, 2001, John Wiley & Sons, Page 43.
Which type of control is concerned with restoring controls?
A.
Compensating controls
B.
Corrective controls
C.
Detective controls
D.
Preventive controls
Corrective controls
Corrective controls are concerned with remedying circumstances and
restoring controls.
Detective controls are concerned with investigating what happened after the fact, such as
logs and video surveillance tapes, for example.
Compensating controls are alternative controls, used to compensate for weaknesses in other
controls.
Preventive controls are concerned with avoiding occurrences of risks.
Source: TIPTON, Hal, (ISC)2, Introduction to the CISSP Exam presentation
Which division of the Orange Book deals with discretionary protection (need-to-know)?
A.
D
B.
C
C.
B
D.
A
C
C deals with discretionary protection. See the TCSEC matrix below:
[Figure: TCSEC Matrix]
The following are incorrect answers:
D is incorrect. D deals with minimal security.
B is incorrect. B deals with mandatory protection.
A is incorrect. A deals with verified protection.
Reference(s) used for this question:
CBK, pp. 329-330 and Shon Harris, CISSP All In One (AIO), 6th Edition, pages 392-393
Another type of access control is lattice-based access control. In this type of control a
lattice model is applied. How is this type of access control concept applied?
A.
The pair of elements is the subject and object, and the subject has an upper bound
equal or higher than the upper bound of the object being accessed.
B.
The pair of elements is the subject and object, and the subject has an upper bound
lower than the upper bound of the object being accessed.
C.
The pair of elements is the subject and object, and the subject has no special upper or
lower bound needed within the lattice.
D.
The pair of elements is the subject and object, and the subject has no access rights in
relation to an object.
The pair of elements is the subject and object, and the subject has an upper bound
equal or higher than the upper bound of the object being accessed.
To apply this concept to access control, the pair of elements is the subject
and object, and the subject has to have an upper bound equal or higher than the object
being accessed.
WIKIPEDIA has a great explanation as well:
In computer security, lattice-based access control (LBAC) is a complex access control
based on the interaction between any combination of objects (such as resources,
computers, and applications) and subjects (such as individuals, groups or organizations).
In this type of label-based mandatory access control model, a lattice is used to define the
levels of security that an object may have and that a subject may have access to. The
subject is only allowed to access an object if the security level of the subject is greater than
or equal to that of the object.
Reference(s) used for this question:
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten
Domains of Computer Security, 2001, John Wiley & Sons, Page 34.
and
http://en.wikipedia.org/wiki/Lattice-based_access_control