PrepAway - Latest Free Exam Questions & Answers

Of the following, what is the primary item that a capability listing is based upon?

Of the following, what is the primary item that a capability listing is based upon?

PrepAway - Latest Free Exam Questions & Answers

A.
A subject

B.
An object

C.
A product

D.
An application

Explanation:
A: A capability table specifies the access rights a certain subject possesses pertaining to specific objects. A capability list (also referred to as a capability table) is different from an
access control list (ACL) because the subject is bound to the capability table, whereas the object is bound to the ACL. A capability can be in the form of a token, ticket, or key. When a
subject presents a capability component, the operating system (or application) will review the access rights and operations outlined in the capability component and allow the subject to
carry out just those functions. A capability component is a data structure that contains a unique object identifier and the access rights the subject has to that object. The object may be
a file, array, memory segment, or port.
B is incorrect because an object is bound to an access control list (ACL), not a capability component. ACLs are used in several operating systems, applications, and router
configurations. They are lists of subjects that are authorized to access a specific object, and they define what level of authorization is granted. Authorization can be specified to an
individual or group. ACLs map values from the access control matrix to the object. Whereas a capability corresponds to a row in the access control matrix, the ACL corresponds to a
column of the matrix.
C is incorrect because a product can be an object or subject. If a user attempts to access a product (such as a program), the user is the subject and the product is the object. If a
product attempts to access a database, the product is the subject and the database is the object. While a product could be a subject in a capability list for example, the best answer is
A: A capability list indicates what objects a subject can access and the operations that can be carried out on those objects.
D is incorrect because this is similar to answer C: If a user attempts to access an application, the user is the subject and the application is the object. If an application attempts to
access a database, the application is the subject and the database is the object. While an application could be a subject in a capability list for example, the best answer is A: A
capability list indicates what objects a subject can access and the operations that can be carried out on those objects.


Leave a Reply