Which of the following access control models introduces user security clearance and data classification?
A.
Role-based access control
B.
Discretionary access control
C.
Non-discretionary access control
D.
Mandatory access control
Explanation:
Mandatory access control (MAC) is an access policy that restricts access to objects based on the security
clearance of a subject and the classification of an object.
Incorrect Answers:
A: Role-based access control (RBAC) provides access to resources according to the role the user holds within
the company or the tasks that the user has been assigned.
B: Access in a DAC model is restricted based on the authorization granted to the users.
C: Non-discretionary access control is when the system administrator or a single management body within an
organization centrally controls access to all resources for everybody on a network.Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 220-228
http://www.answers.com/Q/What_is_Non_discretionary_access_control