Which statement accurately describes RBAC, ABAC, MAC, and DAC as access-control models?

Enhance your NSF Specialist Training skills. Study with flashcards and multiple-choice questions; each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which statement accurately describes RBAC, ABAC, MAC, and DAC as access-control models?

Explanation:
The idea being tested is how each access-control model determines who can access what and who controls those permissions.

RBAC assigns permissions by role, and users gain access by being assigned to roles. This reflects organizational structures and makes administration easier because you manage permissions at the role level rather than for every individual.

ABAC makes decisions based on attributes: characteristics of the user, the resource, and the environment. Policies evaluate these attributes to grant or deny access, allowing fine-grained and context-aware control.

MAC uses centralized, mandatory labels and policies to enforce access. Users and resources have security classifications, and access decisions are determined by these labels and the system-wide rules, with little to no discretionary control by individual owners.

DAC lets owners control access to their resources, granting and revoking permissions at their discretion. This is flexible but can lead to weaker security controls if owners are not diligent.

The statement that best captures these descriptions is the one that says RBAC uses roles to grant permissions, ABAC uses attributes, MAC enforces with labels and policies, and DAC lets owners grant access. By contrast, the other description swaps or misstates the fundamental mechanics (e.g., who controls access, what is used to decide access), so it isn’t accurate.
