Systems Security Certified Practitioner – SSCP – Question0153
Which of the following access control models requires security clearance for subjects? A. Identity-based access control B. Role-based access control C. Discretionary access control D. Mandatory access control
Correct Answer: D
Explanation:
With mandatory access control (MAC), the authorization of a subject’s access to an object is dependant upon labels, which indicate the subject’s clearance. Identity-based access control is a type of discretionary access control. A role-based access control is a type of non-discretionary access control.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page 33).
Please disable your adblocker or whitelist this site!