Options
Mac/dac/rbac
Hi all,
I am preparing for security+ and referring Darril Gibson's book (nicely written). There was this question and I am not able to digest the answer. Could someone pls help
Q. The system administrator establishes access permissions to network resources in the ________ access control model.
If MAC, what are the security levels assigned to object and subjects. Why not DAC and RBAC.
Many thanks in advance
I am preparing for security+ and referring Darril Gibson's book (nicely written). There was this question and I am not able to digest the answer. Could someone pls help
Q. The system administrator establishes access permissions to network resources in the ________ access control model.
If MAC, what are the security levels assigned to object and subjects. Why not DAC and RBAC.
Many thanks in advance
Comments
-
Options
MattSC
Member Posts: 25 ■□□□□□□□□□
Hi all,
I am preparing for security+ and referring Darril Gibson's book (nicely written). There was this question and I am not able to digest the answer. Could someone pls help
Q. The system administrator establishes access permissions to network resources in the ________ access control model.
If MAC, what are the security levels assigned to object and subjects. Why not DAC and RBAC.
Many thanks in advance
I would answer with MAC with possible levels being secret, top secret and confidential. With DAC, the owner of each resource controls the permissions. With RBAC, your role/duty in the organization determines the access you receive.
I don't have my book at hand, so I can't re-read Darril's take on the situation now, but during my prep for the exam, I associated MAC with an administrator. -
Optionsketanwip
Member Posts: 11 ■□□□□□□□□□
Thanks Matt. Considering some organization which having provisioning system, Payroll system, HR system etc. Each system or resource has its owner or admin who approve access to their system or resource. Is this access control model MAC? or DAC?
-
Options
Dr IT
Member Posts: 351 ■■■■□□□□□□
I would go for MAC as MAC can be classfied using a labels and set by admin.
RBAC is not in - as it uses role or rules defined .
DAC is done by the object/file owner , so this leaves us with MAC as the only option.
Hope that helpsVenturing in to the Unknown
Target 2018 : SSCP VCP- DTM
The Difference between the Ordinary and the Extra-Ordinary is that Little " Extra ". -
Optionsfss
Registered Users Posts: 9 ■□□□□□□□□□
I would answer with MAC with possible levels being secret, top secret and confidential.
I agree with the answer being MAC, but the USG classification system is more akin to RBAC than MAC. MAC access levels would be more along the lines of "read", "write", and "execute."