A university has implemented an access control model for its academic file systems. Under this model, professors can determine which colleagues and students can view or modify their research materials and can delegate this permission authority to their research assistants. Which access control model has been implemented?
The correct answer is Discretionary Access Control (DAC). In DAC, resource owners (professors) control who can access their resources and with what permissions, and can delegate this authority to others.
MAC is incorrect because it uses centralized security classifications and clearances managed by the system, not resource owners. RBAC is incorrect because it assigns permissions based on organizational roles rather than individual owner decisions. ABAC is incorrect as it evaluates permissions based on attributes of users, resources, and environmental conditions through policy rules, not owner delegation.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Discretionary Access Control (DAC)?
Open an interactive chat with Bash
How does DAC differ from other access control models?
Open an interactive chat with Bash
What are some advantages and disadvantages of using DAC?
Open an interactive chat with Bash
ISC2 CISSP
Identity and Access Management (IAM)
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Oh snap!
Loading...
Loading...
Loading...
Information Technology Package Join Premium for Full Access