data labeling

WangMichaelWangMichael Member Posts: 9 ■□□□□□□□□□
Which of the following access controls enforces persmissions based on data labeling at specific levels?

A Mandatory access control

B Separation of duties access control

C Discretionary access control

D Role based access control

I am a little confused why the answer is 'A' , looks the 'D' is better ? thanks


  • samurai86samurai86 Member Posts: 104 ■■□□□□□□□□
    Answer is for sure A. When it comes to labeling and classification those are classic signs of a Mandatory Access Control (MAC) setup. i.e Classified, Secret, Top Secret (Military/Government)

    B is a distraction answer. It is more of a policy issue that a technical permissions issue.

    C is when a data owner decides who has access.

    D is based on roles or groups (typically an LDAP environment like Active Directory) i.e. IT Staff Group, Accounting Group, HR Group
    Bachelor's of Applied Science in Technology Management - Information Security Assurance (St. Petersburg College)
    Masters of Science in Digital Forensics (University of Central Florida)
  • WangMichaelWangMichael Member Posts: 9 ■□□□□□□□□□
    thanks ,Samura. Now I got it.icon_lol.gif
Sign In or Register to comment.