SY0-501 · Question #128
SY0-501 Question #128: Real Exam Question with Answer & Explanation
The correct answer is A: MAC. This question tests knowledge of Mandatory Access Control (MAC), which enforces access based on classification levels and security clearances assigned by a central authority.
Question
A user has attempted to access data at a higher classification level than the user's account is currency authorized to access. Which of the following access control models has been applied to this user's account?
Options
- AMAC
- BDAC
- CRBAC
- DABAC
Explanation
This question tests knowledge of Mandatory Access Control (MAC), which enforces access based on classification levels and security clearances assigned by a central authority.
Common mistakes.
- B. Discretionary Access Control (DAC) allows resource owners to grant or restrict access at their own discretion, and does not use system-enforced classification levels to control access.
- C. Role-Based Access Control (RBAC) grants access based on a user's assigned role within an organization, not based on data classification labels or security clearance levels.
- D. Attribute-Based Access Control (ABAC) makes access decisions based on a combination of user, resource, and environmental attributes, which is more flexible and dynamic than the rigid classification-level enforcement described in MAC.
Concept tested. Mandatory Access Control classification level enforcement
Reference. https://csrc.nist.gov/glossary/term/mandatory_access_control
Community Discussion
No community discussion yet for this question.