CERTIFIED-IN-CYBERSECURITY · Question #325
CERTIFIED-IN-CYBERSECURITY Question #325: Real Exam Question with Answer & Explanation
The correct answer is D: Discretionary. Discretionary access controls (DAC) (see ISC2 Study Guide, Module 3) enables the owner of a file to grant access to others through an access control list. In DAC, the owner or administrator of an object or resource decides who can access it and what actions they can perform. Othe
Question
What access control model allows the owner of a file to grant access to others via an access control list?
Options
- ARule based
- BRole based
- CNon discretionary
- DDiscretionary
Explanation
Discretionary access controls (DAC) (see ISC2 Study Guide, Module 3) enables the owner of a file to grant access to others through an access control list. In DAC, the owner or administrator of an object or resource decides who can access it and what actions they can perform. Other access control models, such as non-discretionary, rule-based, and role-based, may not allow such granular control. DAC is the only option that allows the owner of a file to grant access to others through an access control list. Non-discretionary access controls are based on predefined rules and do not allow individual user access control. Rule-based access controls are based on rules that determine who can access a resource and what actions they can perform. Role-based access controls assign permissions based on predefined roles or job functions
Topics
Community Discussion
No community discussion yet for this question.