A security specialist for a large distributed network with numerous divisions is selecting an access
control model. Employees in the human resource division need access to personnel information
but not production data and operations employees need access to production data only. Which of
the following access control models would be MOST appropriate?
A.
Role Based Access Control (RBAC)
B.
Mandatory Access Control (MAC)
C.
Rule Based Access Control (RBAC)
D.
Discretionary Access Control (DAC)
Explanation:
Role based access control contains components of MAC (mandatory access control) and DAC
(discretionary access control), and is characterized by its use of profiles. A profile is a specific role
that a group of employees perform in a function and the resources they need access to. When an
employee is hired he is put into a profile, and when the entire profile of workers needs more or
less resources they can all be facilitated together.