CERTIFIED-IN-CYBERSECURITY Question #197: Real Exam Question with Answer & Explanation

The correct answer is D: Rule-based access controls (RuBAC).

Access Controls Concepts

Question

What access control model is common in firewalls?

Options

  • A. Mandatory access control (MAC)
  • B. Discretionary access control (DAC)
  • C. Role-based access control (RBAC)
  • D. Rule-based access controls (RuBAC)

Explanation

Rule-based access control involves setting up a set of rules that dictate what actions are allowed or denied based on specific criteria such as source IP address, destination IP address, and port number (see ISC2 Study Guide, Module 3, under Logical Access Controls). Firewalls use rule-based access control to allow or deny traffic based on specific rules configured by the administrator. Imagine that the following rules are configured in a firewall to control traffic entering and leaving the network:

  • Deny all incoming traffic from IP addresses that are known to be associated with malicious activities.
  • Allow outgoing traffic to certain approved websites or IP addresses.
  • Allow incoming traffic to the company's public-facing web server on port 80 (HTTP) and 443 (HTTPS).

These rules are typically processed in order, and the first rule that matches an incoming or outgoing packet determines whether that packet is allowed or denied, thus implementing a form of rule-based access control.

By contrast, Discretionary Access Control (DAC) enables data owners to grant or restrict access at their discretion, Role-Based Access Control (RBAC) assigns access rights based on job responsibilities, and Mandatory Access Control (MAC) enforces access decisions based on security classifications and clearance levels.
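The three sample rules and their first-match ordering can be modelled directly. The following is an added example, not part of the original explanation or any firewall product's code: the addresses are constructed from documentation ranges, the rule names are hypothetical, and the implicit default deny when no rule matches is an assumption.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    name: str                          # hypothetical label for the rule
    action: str                        # "allow" or "deny"
    direction: str                     # "in" or "out"
    src: str = "0.0.0.0/0"             # source network (default: any)
    dst: str = "0.0.0.0/0"             # destination network (default: any)
    ports: Optional[frozenset] = None  # None means any destination port

    def matches(self, direction, src, dst, port):
        return (direction == self.direction
                and ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and (self.ports is None or port in self.ports))

def evaluate(rules, direction, src, dst, port):
    """Return (action, rule name) of the first rule that matches the packet."""
    for rule in rules:
        if rule.matches(direction, src, dst, port):
            return rule.action, rule.name
    # Assumption: traffic that matches no rule is dropped.
    return "deny", "implicit-default"

# Constructed sample values (RFC 5737 documentation ranges).
WEB_SERVER = "192.0.2.10/32"
KNOWN_BAD = "203.0.113.0/24"
APPROVED = "198.51.100.0/24"

# The three rules from the explanation, in the order listed there.
RULES = [
    Rule("block-known-bad", "deny", "in", src=KNOWN_BAD),
    Rule("approved-egress", "allow", "out", dst=APPROVED),
    Rule("public-web", "allow", "in", dst=WEB_SERVER, ports=frozenset({80, 443})),
]

# Same rules with the web-server allow placed ahead of the blocklist:
# a blocklisted source now reaches the web server, because the first
# match decides and the deny rule is never consulted.
MISORDERED = [RULES[2], RULES[1], RULES[0]]

if __name__ == "__main__":
    packet = ("in", "203.0.113.7", "192.0.2.10", 443)
    print("ordered:   ", evaluate(RULES, *packet))
    print("misordered:", evaluate(MISORDERED, *packet))
```

Reviewing rule order is therefore part of reviewing the policy: the same rule set yields a different decision for the same packet once a broad allow sits above a specific deny.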

Topics

#Firewalls #Access Control Models #Rule-based Access Control #Network Security
