SY0-301 · Question #77
A security administrator implements access controls based on the security classification of the data and need-to-know information. Which of the following BEST describes this level of access control?
The correct answer is C. Mandatory Access Controls. Mandatory Access Control (MAC) enforces access based on security labels or classifications (e.g., Top Secret, Secret, Confidential) assigned to both data and users, combined with need-to-know rules. This matches the scenario exactly. Role-based Access Control (RBAC) (B) assigns p
Question
A security administrator implements access controls based on the security classification of the data and need-to-know information. Which of the following BEST describes this level of access control?
Options
- AImplicit deny
- BRole-based Access Control
- CMandatory Access Controls
- DLeast privilege
How the community answered
(38 responses)- A3% (1)
- B5% (2)
- C89% (34)
- D3% (1)
Explanation
Mandatory Access Control (MAC) enforces access based on security labels or classifications (e.g., Top Secret, Secret, Confidential) assigned to both data and users, combined with need-to-know rules. This matches the scenario exactly. Role-based Access Control (RBAC) (B) assigns permissions based on job roles, not classification levels. Implicit deny (A) is a rule that blocks all traffic not explicitly permitted. Least privilege (D) is a general principle of granting minimum required access, not a specific model based on data classification.
Topics
Community Discussion
No community discussion yet for this question.