Which access control model assigns permissions primarily by the owner?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Prepare for the DSAC Annex F Test with comprehensive flashcards and multiple choice questions. Access hints and explanations for each question to ensure you’re ready for your exam!

Multiple Choice

Which access control model assigns permissions primarily by the owner?

Explanation:
Discretionary Access Control centers on the resource owner having the authority to grant or revoke access. The owner attaches an access control list or similar policy to the resource, and can decide which users or groups are allowed to read, write, or execute. This makes permissions primarily driven by the owner’s discretion, giving flexibility to share with specific individuals while keeping others out. This contrasts with other models: Mandatory Access Control uses fixed, centralized rules based on security labels rather than owner decisions; Role-Based Access Control assigns permissions by user roles rather than by who owns the resource; Attribute-Based Access Control uses attributes of the user, resource, and environment to determine access. A typical file system example illustrates the idea: the file owner can set who else can access that file and what they can do with it, whereas in the other models those kinds of owner-driven decisions aren’t the primary mechanism.

Discretionary Access Control centers on the resource owner having the authority to grant or revoke access. The owner attaches an access control list or similar policy to the resource, and can decide which users or groups are allowed to read, write, or execute. This makes permissions primarily driven by the owner’s discretion, giving flexibility to share with specific individuals while keeping others out.

This contrasts with other models: Mandatory Access Control uses fixed, centralized rules based on security labels rather than owner decisions; Role-Based Access Control assigns permissions by user roles rather than by who owns the resource; Attribute-Based Access Control uses attributes of the user, resource, and environment to determine access. A typical file system example illustrates the idea: the file owner can set who else can access that file and what they can do with it, whereas in the other models those kinds of owner-driven decisions aren’t the primary mechanism.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy