CompTIA Security Plus Mock Test Q911

Employee badges are encoded with a private encryption key and specific personal information. The encoding is then used to provide access to the network. Which of the following describes this access control type?

A. Smartcard
B. Token
C. Discretionary access control
D. Mandatory access control

Correct Answer: A
Section: Access Control and Identity Management

Explanation:
Smart cards are credit-card-sized IDs, badges, or security passes with an embedded integrated circuit chip that can include data regarding the authorized bearer. This data can then
be used for identification and/or authentication purposes.

Incorrect Answers:
B: A token is a type of authentication factor, usually a hardware device.
C: Discretionary access control (DAC) allows access to be granted or restricted by an object’s owner based on user identity and on the discretion of the object owner. DAC does not
involve badges.
D: Mandatory Access Control allows access to be granted or restricted based on the rules of classification. MAC does not involve badges.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 278-282