The DAC (Discretionary Access Control) model has an inherent flaw. Choose the option that
describes this flaw.
A.
The DAC (Discretionary Access Control) model uses only the identity of the user or specific
process to control access to a resource. This creates a security loophole for Trojan horse attacks.
B.
The DAC (Discretionary Access Control) model does not have any known security flaws.
C.
The DAC (Discretionary Access Control) model does not use the identity of a user to control
access to resources. This allows anyone to use an account to access resources.
D.
The DAC (Discretionary Access Control) model uses certificates to control access to resources.
This creates an opportunity for attackers to use your certificates.
Explanation:
In a DAC model, network users have some flexibility regarding how information is accessed. This
model allows users to dynamically share information with other users. The process allows a more
flexible environment, but it increases the risk of unauthorized disclosure of information.
Administrators will have a more difficult time ensuring that information access is controlled and
that only appropriate access is given.
Reference:
Mike Pastore and Emmett Dulaney , Security+ Study Guide , 2nd Edition, Alameda , Sybex ,
2004, p 440