Access Controls Quiz

Which of the following answers refer(s) to the Mandatory Access Control (MAC) model? (Select all that apply)

• Users are not allowed to change access policies at their own discretion

• Labels and clearance levels can only be applied and changed by an administrator

• Every resource has a sensitivity label matching a clearance level assigned to a user

Discretionary Access Control (DAC) is an access control model based on user identity. In DAC, every object has an owner who at his/her own discretion determines what kind of permissions other users can have for that object.

True

Which type of control access model connects user permissions to their specific responsibilities?

RBAC

Which access control model allows for defining granular rules that consider user roles, time constraints, and network access restrictions?

RuBAC

Examples of properties used for defining access policies in Attribute-Based Access Control (ABAC) model include

• Subject (i.e., user or process requesting access)

• Type of action (for example "read", "write", "execute")

• Resource type (medical record, bank account etc.)

• Environment (contextual data, such as time of day or geolocation)

Which access control model defines access control rules with the use of statements that closely resemble natural language?

ABAC

Which of the access control models listed below enforces the strictest set of access rules?

MAC

Which of the following access control methods would be the most suitable for scheduling system maintenance tasks during periods of low user activity?

Time-of-day restrictions

The principle of least privilege is a security rule that prevents users from accessing information and resources that lie beyond the scope of their responsibilities.

True