(ISC)2 Certified in Cybersecurity Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the (ISC)2 Certified in Cybersecurity Exam with comprehensive quizzes and extensive question banks. Enhance your skills with detailed explanations and practice tests designed to improve your expertise for the certification exam. Get exam-ready now!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What type of access control allows users to make decisions on granting access to resources?

  1. Mandatory Access Control (MAC)

  2. Role-Based Access Control (RBAC)

  3. Discretionary Access Control (DAC)

  4. None of the above

The correct answer is: Discretionary Access Control (DAC)

Discretionary Access Control (DAC) is the correct answer because it allows the owner of a resource to have full control over the access to that resource. In a DAC model, users can make decisions about who can access their resources, which means they can grant or restrict access to other users at their discretion. This approach contrasts with more rigid models like Mandatory Access Control (MAC) and Role-Based Access Control (RBAC), where access decisions are based on predefined policies or roles, rather than individual user choice. In MAC, access is controlled by the system, enforcing strict policy rules that users cannot modify. RBAC assigns access based on roles, limiting users to permissions linked to their designated role without allowing personal customization. Since DAC empowers users to determine access, it is particularly suited for environments where individual ownership and management of resources are prioritized.

More Questions Like This