(ISC)2 Certified in Cybersecurity Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the (ISC)2 Certified in Cybersecurity Exam with comprehensive quizzes and extensive question banks. Enhance your skills with detailed explanations and practice tests designed to improve your expertise for the certification exam. Get exam-ready now!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which access control system is determined by file owners and is considered flexible?

Mandatory Access Control (MAC)
Role-Based Access Control (RBAC)
Discretionary Access Control (DAC)
None of the above

The correct answer is: Discretionary Access Control (DAC)

Discretionary Access Control (DAC) is characterized by its flexibility and the authority it grants to file or resource owners. In a DAC system, the owner of a file has the discretion to control who can access that file and what level of access they have, which can include read, write, and execute permissions. This means that file owners can make decisions based on their preferences and the specific context, allowing a more tailored approach to access management. This system's flexibility is a significant advantage, as it empowers individuals to manage their own resources without needing a centralized authority. Owners can grant or revoke access to others at their discretion, making it suitable for environments where user collaboration and resource sharing are important. Mandatory Access Control (MAC), in contrast, is based on a set of rules enforced by a central authority, and users cannot modify these permissions. Role-Based Access Control (RBAC) assigns access based on pre-defined roles rather than individual discretion, limiting the flexibility that file owners have in sharing their resources. Therefore, DAC is the correct choice due to its emphasis on the owner's ability to control access as they see fit.