Which access control method allowsusers to have some level of flexibility on how information is
accessed, but at the expense of increasing the risk of unauthorized disclosure of information?
A.
Role-Based Access Control (RBAC) method.
B.
Discretionary Access Control (DAC) method
C.
All of the above
D.
Mandatory Access Control (MAC) method
Explanation:
In a DAC model, network users have some flexibility regarding how information is accessed. This
model allows users to dynamically share information with other users. The process allows a more
flexible environment, but it increases the risk of unauthorized disclosure of information.
Administrators will have a more difficult time ensuring that information access is controlled and
that only appropriate access is given.
Reference:
Mike Pastore and Emmett Dulaney , Security+ Study Guide , 2nd Edition, Alameda , Sybex ,
2004, p 440