Which of the following access control models requires defining classification for objects?
A.
 Role-based access control
B.
 Discretionary access control
C.
 Identity-based access control
D.
 Mandatory access control
Explanation:
Mandatory access control (MAC) is an access policy that restricts access to objects based on the security
clearance of a subject and the classification of an object.
Incorrect Answers:
A: Role-based access control (RBAC) provides access to resources according to the role the user holds within
the company or the tasks that the user has been assigned.
B: Access in a DAC model is restricted based on the authorization granted to the users.
C: Identity-based access control is a type of DAC system that allows or prevents access based on the identity
of the subject.Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 220-228