Systems Security Certified Practitioner – SSCP – Question0127
Which access control model is best suited in an environment where a high security level is required and where it is desired that only the administrator grants access control? A. DAC B. MAC C. Access control matrix D. TACACS
Correct Answer: B
Explanation:
MAC provides high security by regulating access based on the clearance of individual users and sensitivity labels for each object. Clearance levels and sensitivity levels cannot be modified by individual users –for example, user Joe (SECRET clearance) cannot reclassify the “Presidential Doughnut Recipe” from “SECRET” to “CONFIDENTIAL” so that his friend Jane (CONFIDENTIAL clearance) can read it. The administrator is ultimately responsible for configuring this protection in accordance with security policy and directives from the Data Owner.
DAC is incorrect. In DAC, the data owner is responsible for controlling access to the object.
Access control matrix is incorrect. The access control matrix is a way of thinking about the access control needed by a population of subjects to a population of objects. This access control can be applied using rules, ACL’s, capability tables, etc.
TACACS is incorrect. TACACS is a tool for performing user authentication.
References: CBK, p. 187, Domain 2: Access Control.
AIO3, Chapter 4, Access Control.
Please disable your adblocker or whitelist this site!