PrepAway - Latest Free Exam Questions & Answers

Which of the following access control models will he use?

Mark works as a Network Administrator for NetTech Inc. He wants users to access only those
resources that are required for them. Which of the following access control models will he use?

PrepAway - Latest Free Exam Questions & Answers

A.
Policy Access Control

B.
Mandatory Access Control

C.
Discretionary Access Control

D.
Role-Based Access Control

Explanation:

Role-based access control (RBAC) is an access control model. In this model, a user can
access resources according to his role in the
organization. For example, a backup administrator is responsible for taking backups of important
data. Therefore, he is only authorized to
access this data for backing it up. However, sometimes users with different roles need to access the
same resources. This situation can also
be handled using the RBAC model.
Answer option B is incorrect. Mandatory Access Control (MAC) is a model that uses a predefined set
of access privileges for an object of the
system. Access to an object is restricted on the basis of the sensitivity of the object and granted
through authorization. Sensitivity of an
object is defined by the label assigned to it. For example, if a user receives a copy of an object that is
marked as “secret”, he cannot grant
permission to other users to see this object unless they have the appropriate permission.
Answer option C is incorrect. DAC is an access control model. In this model, the data owner has the
right to decide who can access the data.
This model is commonly used in PC environment. The basis of this model is the use of Access Control
List (ACL).
Answer option A is incorrect. There is no such access control model as Policy Access Control.


Leave a Reply