(ISC)2 Certified in Cybersecurity Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the (ISC)2 Certified in Cybersecurity Exam with comprehensive quizzes and extensive question banks. Enhance your skills with detailed explanations and practice tests designed to improve your expertise for the certification exam. Get exam-ready now!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What type of access control is characterized by rules set by system administrators rather than users?

Discretionary Access Control
Mandatory Access Control
Role-Based Access Control
Attribute-Based Access Control

The correct answer is: Mandatory Access Control

The correct answer is Mandatory Access Control (MAC). This type of access control is defined by its strict policies and rules that are determined by system administrators and not left to individual users. In a MAC environment, access to resources or information is governed by a central policy, which enforces access restrictions based on various security classifications. The systems are configured so that users cannot alter their own access levels, ensuring that sensitive information is protected according to the organization's security policies. This provides a high level of security, as access is tightly controlled and based on the system's security policy rather than user discretion. In contrast, Discretionary Access Control (DAC) allows users to dictate who can access their resources, which places more control in the hands of the individual rather than a centralized authority. Role-Based Access Control (RBAC) assigns permissions based on roles within the organization, while Attribute-Based Access Control (ABAC) evaluates access based on various attributes of users, resources, and the environment. Each of these approaches differs fundamentally from MAC in terms of how access rights are assigned and enforced.