larahy2klarahy2k Member Posts: 21 ■□□□□□□□□□
Hi all
I'm almost ready for the CISSP exam at the beginning of September but I have a query on the following;

Rule-Based Access Control (RuBAC) access is determined by rules. Such rules would fit within what category of access control ?
Answer on ccure is Non-Discretionary Access Control (NDAC)

In my own opinion, should this not be Mandatory Access Control?
I understand Role Based Access Control falls under Non-Discretionary Access Control.

Can someone help me out here?!



  • joedainjoedain Member Posts: 25 ■□□□□□□□□□
    I do not have my CISSP yet, but have been studying for a while to.

    If I had to guess I would say the keyword is "category". Maybe they are saying MAC/RuBAC/DAC..etc are types of access controls, and the different categories are Non-Discretionary Access Control (NDAC) and Discretionary Access Control.
Sign In or Register to comment.