Question

Hajar is a network engineer. She is creating a system of access involving clearance and classification based on users and the objects they need in a secure network. She is restricting access to secure objects by users based on least privilege and which of the following?

a) Role-Based Access Control (RBAC)
b) Rule-Based Access Control (RBAC)
c) Mandatory Access Control (MAC)
d) Discretionary Access Control (DAC)

Answer 1

Hajar is likely using Mandatory Access Control (MAC) in her secure network to restrict access based on least privilege and clearance levels, adhering to a central policy rather than user-set permissions or role-based rules.

Step-by-step explanation:

Hajar is working on a system that involves assigning clearance levels and classification for users in a secure network. When Hajar is restricting access to secure objects by users based on the principle of least privilege, she is most likely implementing Mandatory Access Control (MAC). Under MAC, access to resources is based on a centralized policy and users cannot change the access permissions. This ensures that only users with the appropriate clearance or classification level are able to access sensitive information. Unlike Discretionary Access Control (DAC), where users can set their own policies for access, or Role-Based Access Control (RBAC) and Rule-Based Access Control (RBAC), which assign permissions based on the user's role within the organization or defined rules, respectively, MAC is characterized by its strict adherence to a central policy that defines access levels.