Access Control Models

Question 1

What is the Mandatory Access Control (MAC)?

Answer 1

uses security labels to determine which users are authorized to access a particular resource.

Question 2

What is Discretionary Access Control (DAC)?

Answer 2

resource’s owner is allowed to specify which user can access each resource.

Question 3

What is Role Based Access Control (RBAC)?

Answer 3

Assigns users to roles and uses these roles to grant permissions to resources

Question 4

What is Rule Based Access Control (RBAC)?

Answer 4

Access is determined by rules set by the system administrator

Question 5

What is an Attribute-Based Access Control (ABAC)?

Answer 5

Uses object characteristics for access control decisions

Question 6

What are User Attributes?

Answer 6

Users name, role, organization, ID, or security clearance level

Question 7

What are Environment Attributes?

Answer 7

Time of access, data location, and current organizations threat level

Question 8

What are Resource Attributes?

Answer 8

File creation date, resource owner, file name, and data sensitivity

Question 9

What is Time-of-day Restrictions?

Answer 9

Controls restrict resource access based on requests times

Question 10

What is the Principle Of Least Privilege?

Answer 10

Granting users the minimum access required for their tasks, without extra privileges

Question 11

What is Permission or Authorization Creep?

Answer 11

Occurs where a user gains excessive rights during their career progression in the company