PrepAway - Latest Free Exam Questions & Answers

what subjects can access specific resources based on th…

Which access control model enables the OWNER of the resource to specify what subjects can access specific
resources based on their identity?

PrepAway - Latest Free Exam Questions & Answers

A.
Discretionary Access Control

B.
Mandatory Access Control

C.
Sensitive Access Control

D.
Role-based Access Control

Explanation:
Discretionary Access Control (DAC) allows data owners to dictate what subjects have access to the files and
resources they own.
Incorrect Answers:
B: Mandatory Access control is considered nondiscretionary and is based on a security label system
C: Sensitive access control is not a valid access control.
D: Role-based access control (RBAC) provides access to resources according to the role the user holds within
the company or the tasks that the user has been assigned.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 220-228


Leave a Reply