Mastering Mandatory Access Control (MAC) Policies Quiz

Questions and Answers

Which type of access control is controlled by the object's owner or principals authorized by the owner?

Mandatory access control (MAC) policies

Commercial security policies

Multi-level security policies

Discretionary access control (DAC) policies (correct)

What is the main difference between mandatory access control (MAC) policies and discretionary access control (DAC) policies?

MAC policies support a need-to-know principle, while DAC policies do not

MAC policies are more natural than DAC policies

MAC policies are set by individuals, while DAC policies are set by institutions

MAC policies protect integrity, while DAC policies protect confidentiality (correct)

Which type of access control policy codifies best practices that existed before computerization?

Multi-level security policies (correct)

Commercial security policies

Discretionary access control (DAC) policies

Mandatory access control (MAC) policies

Which communities were multi-level security policies initially developed for?

Military, diplomatic, and intelligence communities

Apart from confidentiality, what other aspect of information can multi-level security policies protect?

Integrity

Which type of access control policy is based on rules set by the institution rather than individuals?

Mandatory access control (MAC) policies

Which communities were multi-level security policies initially developed for?

Military, diplomatic, and intelligence communities

What is the main purpose of multi-level security policies?

To protect integrity of information

Which type of access control policy supports a need-to-know principle for accessing confidential information?

Multi-level security policies

Which type of access control policy codifies best practices that existed before computerization?

Mandatory access control (MAC) policies