Which access control model restricts access to objects based on the identity of the subject and is considered the least restrictive?

Prepare for the NOCTI Cybersecurity Certification Exam. Enhance your skills with quizzes and multiple-choice questions, accompanied by explanations and hints. Ace your certification!

Multiple Choice

Which access control model restricts access to objects based on the identity of the subject and is considered the least restrictive?

Explanation:
Discretionary Access Control focuses on who the subject is and on what the object owner decides to permit. In DAC, the owner or someone granted authority can grant or revoke access permissions on an individual basis, often with broad discretion and without centralized, stringent policy constraints. Because access decisions hinge on owner-specified permissions rather than a rigid, system-wide rule set, DAC is typically viewed as the least restrictive model among common access-control approaches.

By comparison, mandatory access control enforces centralized, non-discretionary policies and classifies objects and subjects with clear labels and clearances, making it more restrictive. Role-based access control derives permissions from predefined roles, which adds structure but can limit access in ways that aren’t as flexible as DAC. Attribute-based access control uses attributes and policies to decide access, enabling fine-grained controls that can be very strict depending on how policies are written.

So when access decisions are based on the identity of the subject and left to the owner’s discretion, the model described is Discretionary Access Control.
