Weekly CISSP Exam Questions
Role-based access control is primarily associated with which model?
A. MAC
B. DAC
C. ABAC
D. RBAC
Correct Answer: D
Explanation:
Role-Based Access Control (RBAC) is an access control model where access permissions are based on the roles that individual users have within an organization. The permissions to perform certain operations are assigned to specific roles, and users are assigned roles, thereby receiving the permissions of that role.
Here's a breakdown of the other options:
MAC (Mandatory Access Control): In this model, access to resource objects is regulated by the operating system according to a security policy. Labels or classifications (like "Confidential," "Secret," "Top Secret") are associated with each resource.
DAC (Discretionary Access Control): In this model, the owner of a resource can change its permissions at their discretion. DAC is typically not as strict as MAC.
ABAC (Attribute-Based Access Control): This is a more flexible and complex system than RBAC. It uses attributes as building blocks for defining access control rules and can consider a multitude of attributes like user department, time of day, location of access, type of access required, etc.
RBAC (Role-Based Access Control): In RBAC, roles are created for various job functions, and permissions to perform certain operations are assigned to specific roles. Users are then assigned particular roles, making it easier to manage the complexities of access control.
Podcasts
Check out my weekly podcasts that delve deep into the relevant topics related to each of CISSP domains. In addition, I will go over specific questions and they can be interpreted and answered.
CISSP Cyber Training Academy
Tired of not knowing how to study for the CISSP Exam?
Check out the CISSP Cyber Training Academy to help you on your journey!
CISSP Cyber Training - YouTube
Check out my video collection on YouTube discussing all the details needed to help you pass the CISSP exam.
