CERTIFIED-IN-CYBERSECURITY · Question #209
CERTIFIED-IN-CYBERSECURITY Question #209: Real Exam Question with Answer & Explanation
The correct answer is C: Rule-Based Access Control (RAC). Rule-based access control involves setting up a set of rules that dictate what actions are allowed or denied based on specific criteria such as source IP address, destination IP address, and port number (see ISC2 Study Guide, Module 3, under Logical Access Controls). Discretionar
Question
Which of the following logical access control models uses a set of rules to determine whether a subject can access a specific object?
Options
- AMandatory Access Control (MAC)
- BRole-Based Access Control (RBAC)
- CRule-Based Access Control (RAC)
- DDiscretionary Access Control (DAC)
Explanation
Rule-based access control involves setting up a set of rules that dictate what actions are allowed or denied based on specific criteria such as source IP address, destination IP address, and port number (see ISC2 Study Guide, Module 3, under Logical Access Controls). Discretionary Access Control (DAC) allows data owners to grant or restrict access at their discretion. Role- Based Access Control (RBAC) assigns access rights based on job responsibilities. Mandatory Access Control (MAC) enforces access decisions based on security classifications and clearance levels. Rule-based access control is the only option that uses a set of rules to determine whether a subject can access a specific object.
Topics
Community Discussion
No community discussion yet for this question.