When configuring settings in a mandatory access control environment, which of the following specifies the subjects that can access specific data objects?
A. Owner
B. System
C. Administrator
D. User
7 Comments on “which of the following specifies the subjects that can …”
pilotsays:
D. user
DAC model is built around the owner assigning the rights whereas in MAC model the system specifies which subjects can access specific data objects. Objects are given labels and subjects are given clearance
pilot the website you referenced specifically said the system and NOT the user. The administrator defines the rules that the system adheres to
7
0
Gergsays:
A mandatory access control (MAC) model applies to highly secure environments, such as defense or financial systems. With mandatory access control, a user is granted access to a system or data based upon his security clearance level. Data is assigned different labels that designate its sensitivity and the security clearance required to access it. Administrators grant users, who also have security clearances assigned to their accounts, access to specific systems or data, based upon their need-to-know requirements.
4
1
Gergsays:
Answer: C
4
2
fahadksasays:
D–> Security administrators assign labels to both subjects (users) and objects
(files or folders). When the labels match, the system can grant a subject
access to an object. When the labels don’t match, the access model blocks
access
3
3
meacsays:
It is a matter of reading the question properly. The crux of the question is “who specifies the subjects that can access specific data objects?”
Also, we are speaking in here of MAC – Mandatory Access Control, and not of DAC- Discretionary Access Control
At the end of the day, in MAC, users cannot grant themselves access to specific data objects, neither they can give themselves the granting rights.
This is done by the administrators. It is the admins who determine who can access what
So the answers is more than certainly C: Administrator
9
0
certifistsays:
from pearson comptia exam guide
Mandatory access control (MAC) is an access control policy determined by a
computer system, not by a user or owner, as it is in DAC. Permissions are predefined
in the MAC model.
D. user
DAC model is built around the owner assigning the rights whereas in MAC model the system specifies which subjects can access specific data objects. Objects are given labels and subjects are given clearance
source: https://sites.google.com/site/jimmyxu101/concepts/accesscontrol
0
14
pilot the website you referenced specifically said the system and NOT the user. The administrator defines the rules that the system adheres to
7
0
A mandatory access control (MAC) model applies to highly secure environments, such as defense or financial systems. With mandatory access control, a user is granted access to a system or data based upon his security clearance level. Data is assigned different labels that designate its sensitivity and the security clearance required to access it. Administrators grant users, who also have security clearances assigned to their accounts, access to specific systems or data, based upon their need-to-know requirements.
4
1
Answer: C
4
2
D–> Security administrators assign labels to both subjects (users) and objects
(files or folders). When the labels match, the system can grant a subject
access to an object. When the labels don’t match, the access model blocks
access
3
3
It is a matter of reading the question properly. The crux of the question is “who specifies the subjects that can access specific data objects?”
Also, we are speaking in here of MAC – Mandatory Access Control, and not of DAC- Discretionary Access Control
At the end of the day, in MAC, users cannot grant themselves access to specific data objects, neither they can give themselves the granting rights.
This is done by the administrators. It is the admins who determine who can access what
So the answers is more than certainly C: Administrator
9
0
from pearson comptia exam guide
Mandatory access control (MAC) is an access control policy determined by a
computer system, not by a user or owner, as it is in DAC. Permissions are predefined
in the MAC model.
so B system
0
0