Which of the following is a type of mandatory access control?

seenagapeNovember 2, 2015

A.
Rule-based access control

B.
Role-based access control

C.
User-directed access control

D.
Lattice-based access control

Explanation:
pg 46 Krutz: CISSP Prep Guide: Gold Edition

5 Comments on “Which of the following is a type of mandatory access control?”

paul milne says:

June 9, 2016 at 1:17 am

This answer is incorrect.
According to Official CISSP Guide Fourth Edition pg 711
“Rule-based controls are most commonly a form of DAC, because the system owner typically develops the rules based on organization or processing needs.”

0

0

Log in to Reply
1. lemonlee says:
  
  June 9, 2016 at 6:27 am
  
  I think MAC is one type of RuBAC, which doesn’t allow user to modify the rules.
  
  A isn’t incorrect.
  
  0
  
  0
  
  Log in to Reply
Abs says:

June 9, 2016 at 7:48 pm

D- Lattice defines boundaries and also MAC( just like in Bell lapadula)

0

0

Log in to Reply
Shabnam says:

March 14, 2017 at 7:55 am

Lattice-based access controls also fit into the
general category of information flow models and deal primarily with confidentiality
(that’s the reason for the connection to Bell-LaPadula

Page 324 Sybex
I think D is the correct answer

0

0

Log in to Reply
Mike says:

April 7, 2017 at 12:35 am

Answer is D. Confirmed and verified

Check:
CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide / Edition 7. Page 648

It clearly states that, “The MAC model is often referred to as a lattice-Based model” This is on the 4th paragraph on page 648

0

0

Log in to Reply