(ISC)2 Certified in Cybersecurity Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the (ISC)2 Certified in Cybersecurity Exam with comprehensive quizzes and extensive question banks. Enhance your skills with detailed explanations and practice tests designed to improve your expertise for the certification exam. Get exam-ready now!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What type of access control model allows users to control access to their own resources?

  1. MAC (mandatory access control)

  2. DAC (discretionary access control)

  3. RBAC (role-based access control)

  4. ACL (access control list)

The correct answer is: DAC (discretionary access control)

Discretionary Access Control (DAC) is the correct answer because this model allows owners of resources to make decisions about who can access their data and what actions those users can perform. Each resource owner has the discretion to grant or revoke access rights to other users, empowering individuals to control access based on their preferences or needs. In contrast, Mandatory Access Control (MAC) restricts access based on rigid policies set by a centralized authority, meaning users do not have the ability to change permissions for their resources. Role-Based Access Control (RBAC) assigns permissions based on roles within an organization, rather than allowing individual resource owners to customize access on a case-by-case basis. Access Control Lists (ACLs) are a mechanism for defining permissions for various entities but do not, on their own, allow control by the resource owner unless combined with DAC principles. Therefore, the emphasis in DAC on user autonomy clearly distinguishes it as the model where users have the power to control access to their own resources.

More Questions Like This