Which statement accurately describes DAC, MAC, and RBAC?

Multiple Choice

Explanation:
Access control models describe who can access resources and how those decisions are made. Discretionary Access Control means the owner of an object controls its permissions and can grant or revoke access to others at their discretion. The owner’s choices determine who gets what rights. Mandatory Access Control, on the other hand, relies on a centralized policy that uses labels or classifications to enforce access decisions regardless of the owner's wishes—policy dictates who may access what. This is often implemented with labeled subjects and objects and a policy engine (for example, SELinux). Role-Based Access Control assigns permissions to roles rather than to individual users; users obtain access by being assigned to appropriate roles, which streamlines management and supports consistent enforcement of the principle of least privilege.

So the statement that best reflects these concepts is that Discretionary Access Control is owner-controlled permissions; Mandatory Access Control uses policy-based labels enforced by a central policy; and Role-Based Access Control uses role-based access assignments. The other descriptions mix in irrelevant ideas like password policies or time-based restrictions, or incorrectly pair DAC with mandatory control, which don’t fit the standard definitions.
