Cisco Cyber Security Practice Exam

Disable ads (and more) with a membership for a one time $4.99 payment

Enhance your Cisco Cyber Security knowledge. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your Cisco Cyber Security Exam with our comprehensive quiz!

Start Multiple Choice Practice Test
Start Flash Cards

Practice this question and more.

What access control strategy is used when the Finance Manager grants permissions to their team lead to access reports?

  1. Role-based access control

  2. Rule-based access control

  3. Discretionary access control

  4. Mandatory access control

The correct answer is: Discretionary access control

The scenario describes a situation where the Finance Manager is granting specific permissions to a team lead to access particular reports. This aligns with the concept of Discretionary Access Control (DAC). In DAC, the owner of the resource or data (in this case, the Finance Manager) has the discretion to determine who is allowed to access that resource. This model allows users to share their permissions with other users, which is exactly what the Finance Manager is doing by granting access to their team lead. This contrasts with other access control models. For instance, Role-Based Access Control (RBAC) assigns access rights based on user roles rather than individual discretion. Similarly, Rule-Based Access Control involves the use of specific rules to govern access rather than discretionary choices. Mandatory Access Control (MAC) typically involves a central authority that governs access policies, which does not reflect the individual authorization described in the scenario. Thus, the act of the Finance Manager granting access to a subordinate clearly demonstrates the principles of Discretionary Access Control.

More Questions Like This