
CISSP Question #207: Real Exam Question with Answer & Explanation

The correct answer is B: Identification of subjects and objects.

Submitted by sofia.br · Mar 5, 2026 · Identity and Access Management

Question

Discretionary Access Control (DAC) is based on which of the following?

Options

  • A. Information source and destination
  • B. Identification of subjects and objects
  • C. Security labels and privileges
  • D. Standards and guidelines

Explanation

Discretionary Access Control (DAC) is based on the identification of subjects and objects. DAC is a type of access control model that grants or denies access to the objects based on the identity or attributes of the subjects, as well as the permissions or rules defined by the owners of the objects. Subjects are the entities that request or initiate the access, such as users, processes, or programs. Objects are the entities that are accessed, such as files, folders, databases, or devices. In DAC, the owners of the objects have the discretion or authority to determine who can access their objects and what actions they can perform on them. DAC can provide flexibility and convenience for the subjects and the owners, but it can also introduce security risks, such as unauthorized access, privilege escalation, or information leakage.

Topics

#Discretionary Access Control (DAC) #access control models #subjects #objects
