Mastering Mandatory Access Control (MAC) Policies Quiz

Questions and Answers

Which type of access control is controlled by the object's owner or principals authorized by the owner?

• Mandatory access control (MAC) policies
• Commercial security policies
• Multi-level security policies
• Discretionary access control (DAC) policies (correct)

What is the main difference between mandatory access control (MAC) policies and discretionary access control (DAC) policies?

• MAC policies support a need-to-know principle, while DAC policies do not
• MAC policies are more natural than DAC policies
• MAC policies are set by individuals, while DAC policies are set by institutions
• MAC policies protect integrity, while DAC policies protect confidentiality (correct)

Which type of access control policy codifies best practices that existed before computerization?

• Multi-level security policies (correct)
• Commercial security policies
• Discretionary access control (DAC) policies
• Mandatory access control (MAC) policies

Which communities were multi-level security policies initially developed for?

Military, diplomatic, and intelligence communities (C)

Apart from confidentiality, what other aspect of information can multi-level security policies protect?

Integrity (D)

Which type of access control policy is based on rules set by the institution rather than individuals?

Mandatory access control (MAC) policies (D)

Which communities were multi-level security policies initially developed for?

Military, diplomatic, and intelligence communities (B)

What is the main purpose of multi-level security policies?

To protect integrity of information (C)

Which type of access control policy supports a need-to-know principle for accessing confidential information?

Multi-level security policies (D)

Which type of access control policy codifies best practices that existed before computerization?

Mandatory access control (MAC) policies (B)

Flashcards are hidden until you start studying