Which access control model uses security labels to determine which users are authorized to access a resource?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Study for the CompTIA SecurityX Test. Equip yourself with comprehensive flashcards and multiple choice questions that include hints and explanations. Gear up for your certification exam!

Multiple Choice

Which access control model uses security labels to determine which users are authorized to access a resource?

Explanation:
This model uses security labels to control access by tying both subjects and objects to classification labels, and decisions are made by enforcing a system-wide policy rather than by the resource owner. Each resource carries a label (for example, Top Secret, Secret, Confidential) and each user has a matching clearance. Access is granted only when the user’s clearance dominates or is equal to the resource’s classification, as defined by the policy. This means administrators cannot override the rule for individual users based on ownership or discretion, ensuring consistent, centralized control across the organization. Discretionary access control would let the resource owner grant access using permissions they choose, which differs from this label-driven, policy-enforced approach. Role-based access control assigns permissions by role rather than by security labels, and attribute-based access control uses various attributes and policies rather than fixed classifications.

This model uses security labels to control access by tying both subjects and objects to classification labels, and decisions are made by enforcing a system-wide policy rather than by the resource owner. Each resource carries a label (for example, Top Secret, Secret, Confidential) and each user has a matching clearance. Access is granted only when the user’s clearance dominates or is equal to the resource’s classification, as defined by the policy. This means administrators cannot override the rule for individual users based on ownership or discretion, ensuring consistent, centralized control across the organization.

Discretionary access control would let the resource owner grant access using permissions they choose, which differs from this label-driven, policy-enforced approach. Role-based access control assigns permissions by role rather than by security labels, and attribute-based access control uses various attributes and policies rather than fixed classifications.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy