1. Which access control model is based on attributes of the object (resource) to be accessed, the subject (user) accessing the resource, and environmental factors regarding how the object is to be accessed, such as time of day?
- non-discretionary access control
- discretionary access control
- mandatory access control
- attribute-based control
Explanation: Attribute-based control allows access based on attributes of the object (resource) be accessed, the subject (user) accessing the resource, and environmental factors regarding how the object is to be accessed, such as time of day.
2. Which access control model is based on an individual’s roles and responsibilities within the organization?
- discretionary access control
- attribute-based control
- non-discretionary access control
- rule-based access control
Explanation: Non-discretionary access control allows access decisions based on an individual’s roles and responsibilities within the organization.
3. Which access control model applies the strictest access control and is typically used in military or mission critical applications?
- role-based access control
- time-based access control
- mandatory access control
- rule-based access control
Explanation: Mandatory access control applies the strictest access control and is typically used in military or mission critical applications. It assigns security level labels to information and enables users with access based on their security levels clearance.