Network Defense Essentials (NDE) Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Study for the Network Defense Essentials Test. Dive into multiple choice questions with hints and explanations. Prepare thoroughly for your exam!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which access control model allows the system to determine permissions without user input?

  1. Role-Based Access Control

  2. Mandatory Access Control

  3. Discretionary Access Control

  4. Role-based authorization

The correct answer is: Role-Based Access Control

The correct answer is Mandatory Access Control. This model is characterized by its use of fixed policies that dictate access permissions determined by the system and not by the individual users. In Mandatory Access Control (MAC), access rights are assigned based on multiple levels of security clearance and data classification. This means that once a user is granted access to a system, they operate under the constraints established by these policies without any ability to alter permissions. This model is particularly useful in environments that require stringent security measures, such as government or military organizations, where controlling access to sensitive information is paramount. Users cannot make changes that would influence access rights, thereby ensuring a consistent enforcement of security policies across the system. In contrast, Role-Based Access Control (RBAC) allows permissions to be assigned based on user roles, which can involve user input for role assignments. Discretionary Access Control (DAC) lets users manage permissions for resources at their discretion, allowing flexibility that also includes user input. Role-based authorization is a concept related to RBAC but does not constitute a distinct access control model. Therefore, MAC stands out as the model where permissions are strictly determined by the system without user involvement.

More Questions Like This