CompTIA
CV0-003 Question #322: Real Exam Question with Answer & Explanation
The correct answer is A: Discretionary access control. Discretionary Access Control (DAC) is best suited here because it allows the HR department, as the resource owner, to manage access to their own system at their discretion.
Security
Question
A new startup company is growing and wants to deploy a human resources management system on a private cloud that is only accessible to the human resources department. Which of the following is the BEST method of access control?
Options
- A. Discretionary access control
- B. Mandatory access control
- C. Non-discretionary access control
- D. Comprehensive access control
Explanation
Discretionary Access Control (DAC) is best suited here because it allows the HR department, as the resource owner, to manage access to their own system at their discretion.
Common mistakes.
- B. Mandatory Access Control (MAC) enforces access based on centrally assigned security labels and clearance levels, making it appropriate for military or classified environments rather than a commercial HR system.
- C. Non-discretionary access control such as RBAC is centrally administered by IT staff based on predefined roles rather than by the resource owner, removing direct control from the HR department itself.
- D. 'Comprehensive access control' is not a recognized access control model in any standard security framework such as NIST or ISO 27001.
Concept tested. Discretionary access control for departmental data ownership
Reference. https://csrc.nist.gov/glossary/term/discretionary_access_control
Topics
#access control #DAC #private cloud #HR systems