Which of the following is a type of mandatory access control?

Which of the following is a type of mandatory access control?

Which of the following is a type of mandatory access control?

A.
Rule-based access control

B.
Role-based access control

C.
User-directed access control

D.
Lattice-based access control

Explanation:
pg 46 Krutz: CISSP Prep Guide: Gold Edition

Show Hint

Leave a Reply to lemonlee Cancel reply0

Your email address will not be published. Required fields are marked *

seven + 7 =

paul milne

paul milne

This answer is incorrect.
According to Official CISSP Guide Fourth Edition pg 711
“Rule-based controls are most commonly a form of DAC, because the system owner typically develops the rules based on organization or processing needs.”

Reply

lemonlee

lemonlee

I think MAC is one type of RuBAC, which doesn’t allow user to modify the rules.

A isn’t incorrect.

Reply

Abs

Abs

D- Lattice defines boundaries and also MAC( just like in Bell lapadula)

Reply

Shabnam

Shabnam

Lattice-based access controls also fit into the
general category of information flow models and deal primarily with confidentiality
(that’s the reason for the connection to Bell-LaPadula

Page 324 Sybex
I think D is the correct answer

Reply

Mike

Mike

Answer is D. Confirmed and verified

Check:
CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide / Edition 7. Page 648

It clearly states that, “The MAC model is often referred to as a lattice-Based model” This is on the 4th paragraph on page 648

Reply