試験CISSP-JP トピック2 問題1141 スレッド
ISC CISSP-JPのリアル試験問題集
問題 #: 1141
トピック #: 2
問題 #: 1141
トピック #: 2
アクセス制御モデルの名前とそれに関連付けられた制限を一致させます。
各アクセス制御モデルを右側の適切な制限アクセスにドラッグします。

各アクセス制御モデルを右側の適切な制限アクセスにドラッグします。

おすすめの解答:

Explanation:
The correct matches are as follows:
* Mandatory Access Control -> End user cannot set controls
* Discretionary Access Control (DAC) -> Subject has total control over objects
* Role Based Access Control (RBAC) -> Dynamically assigns permissions to particular duties based on job function
* Rule based access control -> Dynamically assigns roles to subjects based on criteria assigned by a custodian Explanation: The image shows a table with two columns. The left column lists four different types of Access Control Models, and the right column lists their associated restrictions. The correct matches are based on the definitions and characteristics of each Access Control Model, as explained below:
* Mandatory Access Control (MAC) is a type of access control that grants or denies access to an object based on the security labels of the subject and the object, and the security policy enforced by the system.
The end user cannot set or change the security labels or the policy, as they are determined by a central authority.
* Discretionary Access Control (DAC) is a type of access control that grants or denies access to an object based on the identity and permissions of the subject, and the discretion of the owner of the object. The subject has total control over the objects that they own, and can grant or revoke access rights to other subjects as they wish.
* Role Based Access Control (RBAC) is a type of access control that grants or denies access to an object based on the role of the subject, and the permissions assigned to the role. The role is dynamically assigned to the subject based on their job function, and the permissions are determined by the business rules and policies of the organization.
* Rule based access control is a type of access control that grants or denies access to an object based on the rules or criteria that are defined by a custodian or an administrator. The rules or criteria are dynamically applied to the subject based on their attributes, such as location, time, or device, and the access rights are granted or revoked accordingly.
References: ISC2 CISSP, 2
香川** 2026-07-14 09:23:36
コメント
他人の解答コメントを賛成するのも、その解答に一票を入れることになります。したがって、すでに同じ意見の投票コメントが存在する場合、新規コメントをする代わりに賛成することもできます。
コメントを通報する
コメント中
今すぐ 新規登録 / ログイン (無料です)。