Mark works as a Network Administrator for NetTech Inc. He wants users to access only those
resources that are required for them. Which of the following access control models will he use?
A.
Discretionary Access Control
B.
Mandatory Access Control
C.
Policy Access Control
D.
Role-Based Access Control
Explanation:
Role-based access control (RBAC) is an access control model. In this model, a user
can access resources according to his role in the organization. For example, a backup
administrator is responsible for taking backups of important data. Therefore, he is only authorized
to access this data for backing it up. However, sometimes users with different roles need to
is incorrect. Mandatory Access Control (MAC) is a model that uses a predefined set of access
privileges for an object of the system. Access to an object is restricted on the basis of the
sensitivity of the object and granted through authorization. Sensitivity of an object is defined by the
label assigned to it. For example, if a user receives a copy of an object that is marked as “secret”,
he cannot grant permission to other users to see this object unless they have the appropriate
has the right to decide who can access the data. This model is commonly used in PC
incorrect. There is no such access control model as Policy Access Control.