(ISC)2 Certified in Cybersecurity Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the (ISC)2 Certified in Cybersecurity Exam with comprehensive quizzes and extensive question banks. Enhance your skills with detailed explanations and practice tests designed to improve your expertise for the certification exam. Get exam-ready now!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What access control model requires the system to enforce authorization based on security policies?

  1. Discretionary Access Control

  2. Mandatory Access Control

  3. Role-Based Access Control

  4. Rule-Based Access Control

The correct answer is: Mandatory Access Control

Mandatory Access Control (MAC) is the access control model that requires the system to enforce authorization based on predetermined security policies. In this model, access to resources is restricted based on the sensitivity of the information and the user’s security clearance. Users cannot change access rights, and the system rigorously enforces the established policies, which are based on classifications and categories assigned to both users and data. In a MAC environment, security labels are assigned to data and users. For instance, a top-secret document cannot be accessed by someone with a confidential clearance. This strict classification system ensures a high level of security because it minimizes the risk of unauthorized access based on individual discretion, which is a key aspect distinguishing MAC from other models like Discretionary Access Control (DAC). The reliance on overarching security policies rather than individual user decisions is what sets this model apart, making it particularly suitable for environments such as government and military applications where protecting sensitive information is crucial.

More Questions Like This