General Security Concepts: Examine Authorization and Access control modules

Question 1

What is Authorization?

Answer 1

Authorization is the process or method of granting or denying specific permissions and access rights to authenticated users or entities, and controlling their actions within a system or resource.

Question 2

What is the common access control model DAC ?

Answer 2

DAC: Data owners determine and manage access permissions to their resources.

Question 3

What is the common access control model MAC ?

Answer 3

Mandatory access control (MAC): A central authority determines access permissions based on predefined security labels or classifications.

Question 4

What is the common access control model RBAC ?

Answer 4

Role BAC: A central authority determines access permissions based on predefined security labels or classifications.

Question 5

What is the common access control model Rule-BAC ?

Answer 5

Rule-based access control: A set of explicitly defined rules or conditions determines access decisions.