If access decisions are made based on the user's specific identity, rather than their role, which model is in use?


Multiple Choice

If access decisions are made based on the user's specific identity, rather than their role, which model is in use?

Explanation:
When access decisions hinge on the exact user identity rather than a defined role, the model in use is Discretionary Access Control. In DAC, resource owners control who can access a resource by granting permissions to specific individuals or groups, focusing on who the user is. This differs from role-based access control, which assigns access based on predefined roles (like manager or staff). It also differs from attribute-based access control, which makes decisions using multiple attributes about the user and environment, and from mandatory access control, which relies on centralized security labels. So, granting or denying access by who the user is points to DAC.

