A security technician is working with the network firewall team to implement access controls at the company’s demarc as part of the initiation of configuration
management processes. One of the network technicians asks the security technician to explain the access control type found in a firewall. With which of the
following should the security technician respond?

A.
Rule based access control

B.
Role based access control

C.
Discretionary access control

D.
Mandatory access control

Explanation:
Rule-based access control is used for network devices, such as firewalls and routers, which filter traffic based on filtering rules.
Incorrect Answers:
B: Basically, Role-based Access Control is based on a user’s job description.
C: Discretionary access control (DAC) allows access to be granted or restricted by an object’s owner based on user identity and on the discretion of the object
owner.
D: Mandatory Access Control allows access to be granted or restricted based on the rules of classification.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 278- 284.