(ISC)2 Certified in Cybersecurity Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the (ISC)2 Certified in Cybersecurity Exam with comprehensive quizzes and extensive question banks. Enhance your skills with detailed explanations and practice tests designed to improve your expertise for the certification exam. Get exam-ready now!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What access control type is considered the most stringent?

  1. Mandatory Access Control (MAC)

  2. Role-Based Access Control (RBAC)

  3. Discretionary Access Control (DAC)

  4. None of the above

The correct answer is: Mandatory Access Control (MAC)

Mandatory Access Control (MAC) is regarded as the most stringent access control type because it enforces strict policies dictated by a central authority, typically based on predetermined security classifications and labels. In this model, users cannot change access permissions, as they are defined by the system administrators based on the sensitivity of the information and the user's clearance level. This creates a highly regulated environment where access is tightly controlled and managed, reducing the risk of unauthorized access. This level of control is particularly critical in environments that handle sensitive or classified information, such as government or military operations. Unlike other access control models, where users may have some degree of discretion in managing their own access rights (as seen in Discretionary Access Control), or where permissions are based on assigned roles (as in Role-Based Access Control), MAC does not allow for user-based alterations. As a result, MAC enforces a strong layer of security that minimizes the chances of lapses due to user error or malicious intent.

More Questions Like This