(ISC)2 Certified in Cybersecurity Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the (ISC)2 Certified in Cybersecurity Exam with comprehensive quizzes and extensive question banks. Enhance your skills with detailed explanations and practice tests designed to improve your expertise for the certification exam. Get exam-ready now!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which type of access control allows the object's owner to determine access rights?

Mandatory Access Control (MAC)
Discretionary Access Control (DAC)
Role-Based Access Control (RBAC)
Access Control List (ACL)

The correct answer is: Discretionary Access Control (DAC)

Discretionary Access Control (DAC) is a type of access control that empowers the owner of an object—such as files or directories—to determine who can access that object and what privileges they have. In this model, the owner has the discretion to grant or restrict access rights to users. This flexibility allows for a more dynamic access control environment, where permissions can be easily adjusted based on the owner's preferences or needs. Unlike Mandatory Access Control (MAC), where access rights are determined by the system administrator and not at the owner's discretion, or Role-Based Access Control (RBAC), which assigns access based on roles rather than individual ownership, DAC clearly delineates ownership and enables the owner to have direct say in how their resources are accessed. Access Control Lists (ACLs) can also be part of a DAC system, allowing the specification of users and their associated permissions, but they function under the umbrella of discretionary controls rather than defining how access itself is determined. This ownership model of DAC makes it a common choice in scenarios where user control over their own resources is desired, enhancing user autonomy and operational flexibility.