CERTIFIED-IN-CYBERSECURITY · Question #125
CERTIFIED-IN-CYBERSECURITY Question #125: Real Exam Question with Answer & Explanation
The correct answer is B: Role-Based Access Control (RBAC). Role-Based Access Control (RBAC) restricts access to the resources of a computer or network according to the roles of each individual user in the organization (see ISC2 Study Guide, chapter 3, module 3). Attribute-Based Access Control (ABAC) is based on complex attribute rules. I
Question
Requiring a specific user role to access resources is an example of which access control model:
Options
- AMandatory Access Control (MAC)
- BRole-Based Access Control (RBAC)
- CDiscretionary Access Control (DAC)
- DAttribute-Based Access Control (ABAC)
Explanation
Role-Based Access Control (RBAC) restricts access to the resources of a computer or network according to the roles of each individual user in the organization (see ISC2 Study Guide, chapter 3, module 3). Attribute-Based Access Control (ABAC) is based on complex attribute rules. In Discretionary Access Control (DAC), users can grant privileges to other subjects, as well as change the security attributes of objects they have access to. In Mandatory Access Control (MAC), no roles are required, since access is established by both the security level of documents and the level of clearance of the user.
Topics
Community Discussion
No community discussion yet for this question.