CERTIFIED-IN-CYBERSECURITY · Question #187
CERTIFIED-IN-CYBERSECURITY Question #187: Real Exam Question with Answer & Explanation
The correct answer is C: Subject, Object, and Rules. A subject is an individual or entity that is attempting to access assets. Subjects can include individual users, applications, or services. Objects are the things a subject is trying to access. Objects can be files, data, physical devices, or anything a subject requests access to
Question
Access is based on which three elements:
Options
- ASubject, Permissions, and Rules
- BPermissions, Layers, and Rules
- CSubject, Object, and Rules
- DSubject, Layers, and Rules
Explanation
A subject is an individual or entity that is attempting to access assets. Subjects can include individual users, applications, or services. Objects are the things a subject is trying to access. Objects can be files, data, physical devices, or anything a subject requests access to. Rules are instructions created to decide whether a subject should be granted access to an object. Rules are commonly used to define a subject's privileges related to the object; this is often referred to as an access control list. One example of a rule is a firewall access control list (see ISC2 Study Guide,Chapter 3, Module 1).
Topics
Community Discussion
No community discussion yet for this question.