CISSP · Question #325
An organization's security policy delegates to the data owner the ability to assign which user roles have access to a particular resource. What type of authorization mechanism is being used?
The correct answer is A. Discretionary Access Control (DAC). Discretionary Access Control (DAC) is a type of authorization mechanism that grants or denies access to resources based on the identity of the user and the permissions assigned by the owner of the resource. The owner of the resource has the discretion to decide who can access the
Question
An organization's security policy delegates to the data owner the ability to assign which user roles have access to a particular resource. What type of authorization mechanism is being used?
Options
- ADiscretionary Access Control (DAC)
- BRole Based Access Control (RBAC)
- CMedia Access Control (MAC)
- DMandatory Access Control (MAC)
How the community answered
(22 responses)- A95% (21)
- D5% (1)
Explanation
Discretionary Access Control (DAC) is a type of authorization mechanism that grants or denies access to resources based on the identity of the user and the permissions assigned by the owner of the resource. The owner of the resource has the discretion to decide who can access the resource and what level of access they can have. For example, the owner of a file can assign read, write, or execute permissions to different users or groups. DAC is flexible and easy to implement, but it also poses security risks, such as unauthorized access, data leakage, or privilege escalation, if the owner is not careful or knowledgeable about the security implications of their decisions.
Topics
Community Discussion
No community discussion yet for this question.