Which access control model uses fixed security labels and clearance levels to determine access?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Study for the CompTIA Cloud+ exam. Enhance your skills with flashcards and multiple choice questions, each supported by hints and explanations. Prepare effectively for your certification!

Multiple Choice

Which access control model uses fixed security labels and clearance levels to determine access?

Explanation:
Access decisions are determined by fixed security labels and clearance levels, which is the hallmark of Mandatory Access Control. In this model, every subject (like a user or process) and every object (like a file or resource) carries a security label or classification. The system enforces a policy that requires the subject’s clearance to meet or exceed the object's classification, and often also considers additional compartments or categories. Because these labels are fixed and centrally managed, users cannot override permissions or grant access themselves, ensuring a non-discretionary, uniform security posture—crucial in high-security environments. Discretionary Access Control, by contrast, lets the owner decide who can access a resource using access control lists or capabilities. Role-based Access Control assigns permissions based on a user’s role, not fixed labels. Attribute-Based Access Control makes decisions from multiple attributes of the user, resource, and context, which is more dynamic than fixed clearance levels.

Access decisions are determined by fixed security labels and clearance levels, which is the hallmark of Mandatory Access Control. In this model, every subject (like a user or process) and every object (like a file or resource) carries a security label or classification. The system enforces a policy that requires the subject’s clearance to meet or exceed the object's classification, and often also considers additional compartments or categories. Because these labels are fixed and centrally managed, users cannot override permissions or grant access themselves, ensuring a non-discretionary, uniform security posture—crucial in high-security environments.

Discretionary Access Control, by contrast, lets the owner decide who can access a resource using access control lists or capabilities. Role-based Access Control assigns permissions based on a user’s role, not fixed labels. Attribute-Based Access Control makes decisions from multiple attributes of the user, resource, and context, which is more dynamic than fixed clearance levels.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy