A global financial institution is implementing a new security model where access to sensitive financial data is determined by user clearance levels that are assigned by the security team. Users cannot share or transfer access rights to other users. Which access control model BEST describes this implementation?
The correct answer is Mandatory Access Control (MAC). This model is characterized by centrally controlled access rights based on clearance levels, where the system or security administrators determine the access levels rather than the data owners. In MAC, users cannot share or transfer their access rights to others, as access is strictly governed by security labels and clearance levels.
Discretionary Access Control (DAC) is incorrect because in DAC, the data owner determines who can access the resources and can delegate those permissions to others.
Role-Based Access Control (RBAC) is incorrect because while it does involve assigning permissions to roles rather than individual users, it doesn't inherently involve clearance levels and doesn't prevent delegation if the implementation allows it.
Attribute-Based Access Control (ABAC) is incorrect because it makes access decisions based on attributes of users, resources, and environmental conditions rather than clearance levels alone.
ISC2 CISSP
Identity and Access Management (IAM)