Discretionary access conrol
teancum144
Member Posts: 229 ■■■□□□□□□□
in Security+
I came across a question worded similarly to the following:
The groups and permissions of a SharePoint site have been set up by the security department. No one may change the permissions and all requests for access are centrally managed by by the security department. This can best be described as:
a) DAC
b) MAC
c) Rule based access control
d) User assigned privileges
The answer is 'a' (through process of elimination, I picked 'd'). This does not fit my understanding of DAC. Thoughts?
The groups and permissions of a SharePoint site have been set up by the security department. No one may change the permissions and all requests for access are centrally managed by by the security department. This can best be described as:
a) DAC
b) MAC
c) Rule based access control
d) User assigned privileges
The answer is 'a' (through process of elimination, I picked 'd'). This does not fit my understanding of DAC. Thoughts?
If you like my comments or questions, you can show appreciation by clicking on the reputation badge/star icon near the lower left of my post.
Comments
-
TechGuru80 Member Posts: 1,539 ■■■■■■□□□□Essentially DAC is: somebody creates an object and only they can give access.
-
samurai86 Member Posts: 104 ■■□□□□□□□□I do understand this as DAC as well. I think they are trying to trip you up slightly by throwing the "security" department in there. But in the question they infer that the security department is the owner of the SharePoint system. Since they (the owner aka the Security department) delegate permissions, this would be a DAC environment.
At least this is how I see it.
Edit: Also in a MAC environment confidentiality is key. A question with MAC as the answer would likely mention confidentiality, military, labels, classification, along with being centrally managed.Bachelor's of Applied Science in Technology Management - Information Security Assurance (St. Petersburg College)
Masters of Science in Digital Forensics (University of Central Florida) -
TechGuru80 Member Posts: 1,539 ■■■■■■□□□□Edit: Also in a MAC environment confidentiality is key. A question with MAC as the answer would likely mention confidentiality, military, labels, classification, along with being centrally managed.
That is what I have seen anytime talking about MAC...classification or government. MAC also requires the most effort because you can inherit access with DAC. -
samurai86 Member Posts: 104 ■■□□□□□□□□Tis trueBachelor's of Applied Science in Technology Management - Information Security Assurance (St. Petersburg College)
Masters of Science in Digital Forensics (University of Central Florida) -
5502george Member Posts: 264MAC questions will normally be associated with labeling or classification from what I have seen.