Domain 1.0 – General Security Concepts (Security+)

by Bruce Brown | 0 comment

1.1 Recognize and be able to differentiate and explain the following access control models

 o MAC (Mandatory Access Control)

· Access controls based on security labels (Sensitivity labels) associated with each data item

· Lattice = MAC model

· Uses levels of security to classify users and data is a characteristic of MAC

o DAC (Discretionary Access Control)

· Access controls that are created and administered by the data owner are considered.

· Each object has an owner, which has full control over the object

· Inherent flaw in DAC is that it relies only on the identity of the user or process, leaving room for a Trojan horse

o RBAC (Role Based Access Control)

· Access control decisions are based on responsibilities that an individual user or process has in an organization

· Relationship of user, role, operation: multiple users, multiple roles and multiple operations


Leave a Reply

Your email address will not be published. Required fields are marked *

Comment *