In which model are access rules centrally controlled and cannot be altered by resource owners?

Prepare for the Network Security Examination by mastering key concepts in cybersecurity. Utilize interactive questions and detailed explanations to enhance your knowledge. Excel in your exam with our comprehensive preparation resources!

Multiple Choice

In which model are access rules centrally controlled and cannot be altered by resource owners?

Explanation:
Access decisions are governed by a centralized set of rules that apply uniformly and cannot be changed by individual resource owners. In this model, a central authority defines security labels and a policy that determines who can access what, and the system enforces those rules regardless of the desires of the resource owner. This ensures consistent protection and prevents owners from granting special rights or bypassing protections. That’s why this model is the correct choice: it embodies strict, top-down control where access rights are dictated by the policy and labels, not by those who own the resources. In contrast, discretionary access control lets owners grant or revoke permissions themselves, so it doesn’t meet the “cannot be altered by resource owners” criterion. Multilevel access control is a form of this centralized approach, typically incorporating levels of clearance, but the fundamental idea remains centralized enforcement rather than owner-driven decisions.

Access decisions are governed by a centralized set of rules that apply uniformly and cannot be changed by individual resource owners. In this model, a central authority defines security labels and a policy that determines who can access what, and the system enforces those rules regardless of the desires of the resource owner. This ensures consistent protection and prevents owners from granting special rights or bypassing protections.

That’s why this model is the correct choice: it embodies strict, top-down control where access rights are dictated by the policy and labels, not by those who own the resources. In contrast, discretionary access control lets owners grant or revoke permissions themselves, so it doesn’t meet the “cannot be altered by resource owners” criterion. Multilevel access control is a form of this centralized approach, typically incorporating levels of clearance, but the fundamental idea remains centralized enforcement rather than owner-driven decisions.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy