nerdexam
CompTIA

SY0-301 · Question #585

Which of the following common access control models is commonly used on systems to ensure a "need to know" based on classification levels?

The correct answer is B. Mandatory Access Controls. Mandatory Access Controls (MAC) (Option B) use security labels (e.g., Top Secret, Secret, Confidential) assigned to both subjects (users) and objects (data). Access is granted only when a user's clearance level meets or exceeds the data's classification-this is the 'need to know'

Security architecture

Question

Which of the following common access control models is commonly used on systems to ensure a "need to know" based on classification levels?

Options

  • ARole Based Access Controls
  • BMandatory Access Controls
  • CDiscretionary Access Controls
  • DAccess Control List

How the community answered

(53 responses)
  • A
    8% (4)
  • B
    87% (46)
  • C
    4% (2)
  • D
    2% (1)

Explanation

Mandatory Access Controls (MAC) (Option B) use security labels (e.g., Top Secret, Secret, Confidential) assigned to both subjects (users) and objects (data). Access is granted only when a user's clearance level meets or exceeds the data's classification-this is the 'need to know' model used in government and military environments. Option A (Role Based Access Controls / RBAC) grants access based on a user's job role, not classification labels. Option C (Discretionary Access Controls / DAC) lets resource owners decide who can access their data. Option D (Access Control List / ACL) is an implementation mechanism, not an access control model. MAC is the definitive answer for classification-level enforcement.

Topics

#mandatory access control#classification levels#need to know#access control models

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice