**Your company develops security products. You are the head of the firewall product line and decide to develop a new firewall model. Formal methods will be used for specification, verification, and other aspects of product development. Which of the following is not a formal method?
**A. Fagan inspection

B. Delphi method

C. Lattice-based access control

D. Finite-state machine

**Wentz’s Book, The Effective CISSP: Security and Risk Management https://www.amazon.com/dp/B087JL6BXR**

**Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.**

My suggested answer is B. Delphi method.

# Delphi method

The Delphi method can be applied to various areas. It’s a qualitative analysis technique if it is used in risk analysis. **However, it relies on the expert’s judgment instead of mathematical theory.**

Delphi is based on the principle that forecasts (or decisions) from a structured group of individuals are more accurate than those from unstructured groups. The experts answer

questionnairesin two or more rounds. After each round, afacilitatoror change agent provides ananonymised summaryof the experts’ forecasts from the previous round as well as the reasons they provided for their judgments. Thus, experts are encouraged to revise their earlier answers in light of the replies of other members of their panel. It is believed that during this process the range of the answers will decrease and the group will converge towards the “correct” answer. Finally, the process is stopped after a predefined stop criterion (e.g., number of rounds, achievement of consensus, stability of results), and the mean or median scores of the final rounds determine the results.Source: Wikipedia

# Fagan inspection

A Fagan inspection is a process of trying to find

defects in documents(such as source code or formal specifications) during various phases of thesoftware developmentprocess. It is named after Michael Fagan, who is credited with being the inventor offormal software inspections.Fagan inspection defines a process as a certain activity with pre-specified

entry and exit criteria. In every process for which entry and exit criteria are specified, Fagan inspections can be used to validate if theoutputof the process complies with the exit criteria specified for the process. Fagan inspection uses agroup reviewmethod to evaluate the output of a given process.Source: Wikipedia

# Lattice-based access control (LBAC)

A lattice is a partial order set in mathematics.

A lattice is an abstract structure studied in the mathematical subdisciplines of order theory and abstract algebra. It consists of a partially ordered set in which every two elements have a unique supremum (also called a least upper bound or join) and a unique infimum (also called a greatest lower bound or meet). An example is given by the natural numbers, partially ordered by divisibility, for which the unique supremum is the least common multiple and the unique infimum is the greatest common divisor.

Source: Wikipedia

LBAC is also known as a label-based access control (or rule-based access control) restriction as opposed to role-based access control (RBAC). Lattice based access control models were first formally defined by Denning (1976).

In this type of label-based mandatory access control model, a lattice is used to define the levels of security that an object may have and that a subject may have access to. The subject is only allowed to access an object if the security level of the subject is greater than or equal to that of the object.

Source: Wikipedia

# Finite-state machine

A finite-state machine (FSM) or finite-state automaton (FSA, plural: automata), finite automaton, or simply a state machine, is a mathematical model of computation. It is an abstract machine that can be in exactly one of a finite number of states at any given time. The FSM can change from one state to another in response to some inputs; the change from one state to another is called a transition. An FSM is defined by a list of its states, its initial state, and the inputs that trigger each transition.

Source: Wikipedia

# Reference

- Formal methods
- Formal Methods (Michael Collins)
- Formal Methods (interaction-design)
- Formal Methods (fmeurope)
- Formal Methods (cornell)
- Introducing Formal Methods
- WHY DON’T PEOPLE USE FORMAL METHODS?
- Fagan inspection
- Delphi method
- The Delphi technique
- Lattice-based access control
- Information flow (information theory)
- Finite-state machine

# A BLUEPRINT FOR YOUR SUCCESS IN CISSP

My new book, *The Effective CISSP: Security and Risk Management*, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and informative reference for security professionals.

- It is available on Amazon.
- Readers from countries or regions not supported by Amazon can get your copy from the author’s web site.