PrepAway - Latest Free Exam Questions & Answers

What is the column in this type of matrix referred to as?

An access control matrix is used in many operating systems and applications to control access between subjects and objects. What is the column in this type of matrix referred to as?

PrepAway - Latest Free Exam Questions & Answers

A.
Capability table

B.
Constrained interface

C.
Role-based value

D.
ACL

Explanation:
D: Access control lists (ACLs) map values from the access control matrix to the object. Whereas a capability corresponds to a row in the access control matrix, the ACL corresponds
to a column of the matrix. ACLs are used in several operating systems, applications, and router configurations. They are lists of subjects that are authorized to access specific objects,
and they define what level of authorization is granted. Authorization can be specified to an individual or group. So the ACL is bound to an object and indicates what subjects can
access it and a capability table is bound to a subject and indicates what objects that subject can access.
A is incorrect because a capability can be in the form of a token, ticket, or key and is a row within an access control matrix. When a subject presents a capability component, the
operating system (or application) will review the access rights and operations outlined in the capability component and allow the subject to carry out just those functions. A capability
component is a data structure that contains a unique object identifier and the access rights the subject has to that object. The object may be a file, array, memory segment, or port.
Each user, process, and application in a capability system has a list of capabilities it can carry out.
B is incorrect because constrained user interfaces restrict users’ access abilities by not allowing them to request certain functions or information, or to have access to specific
system resources. Three major types of restricted interfaces exist: menus and shells, database views, and physically constrained interfaces. When menu and shell restrictions are
used, the options users are given are the commands they can execute. For example, if an administrator wants users to be able to execute only one program, that program would be
the only choice available on the menu. If restricted shells were used, the shell would contain only the commands the administrator wants the users to be able to execute.
C is incorrect because a role-based access control (RBAC) model, also called nondiscretionary access control, uses a centrally administered set of controls to determine how
subjects and objects interact. This type of model lets access to resources be based on the role the user holds within the company. It is referred to as nondiscretionary because
assigning a user to a role is unavoidably imposed. This means that if you are assigned only to the Contractor role in a company, there is nothing you can do about it. You don’t have
the discretion to determine what role you will be assigned.


Leave a Reply