Which of the following common access control models is commonly used on systems to ensure a “need to know” based on classification levels?

A.
Role Based Access Controls

B.
Mandatory Access Controls

C.
Discretionary Access Controls

D.
Access Control List

Explanation:
Mandatory Access Control allows access to be granted or restricted based on the rules of classification. MAC also includes the use of need to know. Need to know
is a security restriction where some objects are restricted unless the subject has a need to know them.

Incorrect Answers:
A: Basically, Role-based Access Control is based on a user’s job description. It does not include the use of need to know.
C: Discretionary access control (DAC) is identity based, not based on classification levels.
D: Access Control List (ACL) specifies which users are allowed or refused the different types of available access based on the object type.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 278- 284.