Systems Security Certified Practitioner – SSCP – Question0151
Which of the following access control models introduces user security clearance and data classification? A. Role-based access control B. Discretionary access control C. Non-discretionary access control D. Mandatory access control
Correct Answer: D
Explanation:
The mandatory access control model is based on a security label system. Users are given a security clearance and data is classified. The classification is stored in the security labels of the resources. Classification labels specify the level of trust a user must have to access a certain file.
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, Chapter 4: Access Control (Page 154).
Please disable your adblocker or whitelist this site!