CISSP Question #1173: Real Exam Question with Answer & Explanation

The correct answer is D: Attribute Based Access Control (ABAC).

Submitted by tarun92 · Mar 5, 2026 · Identity and Access Management

Question

Which access control method is based on users issuing access requests on system resources, features assigned to those resources, the operational or situational context, and a set of policies specified in terms of those features and context?

Options

  • A. Mandatory Access Control (MAC)
  • B. Role Based Access Control (RBAC)
  • C. Discretionary Access Control (DAC)
  • D. Attribute Based Access Control (ABAC)

Explanation

Attribute Based Access Control (ABAC) is an access control method that is based on users issuing access requests on system resources, features assigned to those resources, the operational or situational context, and a set of policies specified in terms of those features and context. ABAC uses attributes, which are characteristics or properties of users, resources, actions, or environments, to define access rules and enforce access decisions. ABAC allows for fine-grained, dynamic, and flexible access control that can accommodate complex and changing scenarios and requirements.

Mandatory Access Control (MAC) is an access control method that is based on security labels assigned to users and resources, and a set of rules that determine the access permissions based on the comparison of those labels. MAC is rigid, static, and centralized, and it enforces a strict need-to-know policy.

Role Based Access Control (RBAC) is an access control method that is based on roles assigned to users and permissions assigned to roles, and a set of rules that determine the access permissions based on the user's role membership. RBAC is simple, scalable, and decentralized, and it enforces the principle of least privilege.

Discretionary Access Control (DAC) is an access control method that is based on the identity of users and the ownership of resources, and a set of rules that determine the access permissions based on the user's identity or the owner's discretion. DAC is flexible, user-controlled, and individualized, but it can also be inconsistent, insecure, and difficult to manage.

Topics

#Attribute Based Access Control (ABAC) #access control models #context-aware access
