CompTIA Security Plus Mock Test Q896

Which of the following common access control models is commonly used on systems to ensure a “need to know” based on classification levels?

A. Role Based Access Controls
B. Mandatory Access Controls
C. Discretionary Access Controls
D. Access Control List


Correct Answer: B
Section: Access Control and Identity Management

Explanation:
Mandatory Access Control (MAC) grants or restricts access based on the rules of classification. MAC also includes the use of need to know, a security restriction under which some objects are restricted unless the subject has a need to know them.

Incorrect Answers:
A: Basically, Role-based Access Control is based on a user’s job description. It does not include the use of need to know.
C: Discretionary access control (DAC) is identity based, not based on classification levels.
D: Access Control List (ACL) specifies which users are allowed or refused the different types of available access based on the object type.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 278-284