Question

WHICH OF THE FOLLWOING STATEMENTS REGARDING THE MAC MODEL IS TRUE?

A. MANDATORY ACCESS CONTROL IS A DYNAMIC MODEL.
B. MANDATORY ACCESS CONTROL ENABLES AN OWNER TO ESTABLISH ACCESS PRIVILEGES TO A RESOURCE.
C. MANDATORY ACCESS CONTROL IS NOT RESTRICTIVE.
D. MANDATORY ACCESS CONTROL USERS CANNOT SHARE RESOURCES DYNAMICALLY.

Answer 1

The true statement about the Mandatory Access Control (MAC) model is that an owner cannot establish access privileges, as such privileges are enforced by a central authority.

Step-by-step explanation:

The question refers to the Mandatory Access Control (MAC) model within computer security. The correct statement regarding the MAC model is that it is not dynamic and is indeed quite restrictive. In a MAC system, access permissions are determined by the system, not by the individual owner, and are based on security levels or classifications.

As a result, statement B is true because in such a model, an owner cannot establish access privileges to a resource; the system enforces access decisions based on the policies set by a central authority. This differs from discretionary access control (DAC), where the owner of a resource has more discretion in granting or revoking access privileges.