With MAC, who may NOT make decisions that derive from policy?

adminSeptember 14, 2013

A.
All users except the administrator.

B.
The administrator.

C.
The power users.

D.
The guests.

Explanation:
As the name implies, the Mandatory Access Control defines an imposed access control
level. MAC is defined as follows in the Handbook of Information Security Management:
With mandatory controls, only administrators and not owners of resources may make
decisions that bear on or derive from policy. Only an administrator may change the
category of a resource, and no one may grant a right of access that is explicitly
forbidden in the access control policy.

One Comment on “With MAC, who may NOT make decisions that derive from policy?”

Ahmed says:

January 7, 2015 at 6:58 am

Again the compiler of this question does not seem to notice the difference between the User and the Owner. They are not the same..

0

0

Log in to Reply

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISC Exam Questions

Free ISC2 Study Guide

With MAC, who may NOT make decisions that derive from policy?

One Comment on “With MAC, who may NOT make decisions that derive from policy?”

Leave a Reply Cancel reply