In access control terms, the word “dominate” refers to which of the following?
A.
Higher or equal to access class
B.
Rights are superceded
C.
Valid need-to-know with read privileges
D.
A higher clearance level than other users
Explanation:
Higher or equal to access class. The reason is the term dominates refers to a subject being authorized to
perform an operation if the access class of the subject is higher or dominates the access class of the object
requested. This is the best answer for the term “dominates” in access control. If a subject wishes to access an
object, his security clearance must be equal or higher than the object he’s accessing.
Incorrect Answers:
B: Rights are superceded is incorrect as it is not actually a valid condition.C: Valid need-to-know with read privileges is too specific to be dominates, and is usually what a user’s label
indicates.
D: A higher clearance level than others. Although having a higher clearance level might be important to obtain
access to the higher levels of data, it is not what the definition of “dominates” refers to in access control.
Shon Harris latest “All in One CISSP Exam Prep” page 280.