ELABORATED DEFINITIVE
SOLUTIONS|A+ GRADED|UPDATED
2025/2026 LATEST VERSION|100%
GUARANTEED PASS!!!
A central authority determines which files a user can access based on the
organization's hierarchy. Which of the following best describes this?
A. DAC model
B. An access control list (ACL)
C. Rule-based access control model
D. RBAC mode - ANSWER ✓ D. A role-based access control (RBAC) model can
group users into roles based on the organization's hierarchy, and it is a
nondiscretionary access control model. A nondiscretionary access control model
uses a central authority to determine which objects subjects can access. In contrast,
a Discretionary Access Control (DAC) model allows users to grant or reject access
to any objects they own. An ACL is an example of a rule-based access control
model that uses rules, not roles.
Which of the following statements is true related to the RBAC model?
A. A RBAC model allows users membership in multiple groups.
B. A RBAC model allows users membership in a single group.
C. A RBAC model is nonhierarchical.
D. A RBAC model uses labels - ANSWER ✓ A.
,The role-based access control (RBAC) model is based on role or group
membership, and users can be members of multiple groups. Users are not limited
to only a single role. RBAC models are based on the hierarchy of an organization,
so they are hierarchy based. The mandatory access control (MAC) model uses
assigned labels to identify access
You are reviewing different access control models. Which of the following best
describes a rule-based access control model?
A. It uses local rules applied to users individually.
B. It uses global rules applied to users individually.
C. It uses local rules applied to all users equally.
D. It uses global rules applied to all users equally. - ANSWER ✓ D.
A rule-based access control model uses global rules applied to all users and other
subjects equally. It does not apply rules locally or to individual users
Your organization is considering deploying a software-defined network (SDN) in
the datacenter. Which of the following access control models is commonly used in
a SDN?
A. Mandatory Access Control (MAC) model
B. Attribute-Based Access Control (ABAC) model
C. Role-Based Access Control (RBAC) model
D. Discretionary Access Control (DAC) model - ANSWER ✓ B.
The ABAC model is commonly used in SDNs. None of the other answers are
normally used in SDNs. The MAC model uses labels to define access, and the
RBAC model uses groups. In the DAC model, the owner grants access to others.
The MAC model supports different environment types. Which of the following
grants users access using predefined labels for specific labels?
,A. Compartmentalized environment
B. Hierarchical environment
C. Centralized environment
D. Hybrid environment - ANSWER ✓ B.
In a hierarchical environment, the various classification labels are assigned in an
ordered structure from low security to high security. The mandatory access control
(MAC) model supports three environments: hierarchical, compartmentalized, and
hybrid. A compart-mentalized environment ignores the levels, and instead only
allows access for individual compartments on any level. A hybrid environment is a
combination of a hierarchical and compartmentalized environment. A MAC model
doesn't use a centralized environment
10. Which of the following access control models identifies the upper and lower
bounds of access for subjects with labels?
A. Nondiscretionary access control
B. Mandatory Access Control (MAC)
C. Discretionary Access Control (DAC)
D. Attribute-Based Access Control (ABAC) - ANSWER ✓ B.
The MAC model uses labels to identify the upper and lower bounds of
classification levels, and these define the level of access for subjects. MAC is a
nondiscretionary access control model that uses labels. However, not all
nondiscretionary access control models use labels. DAC and ABAC models do not
use labels
11. Which of the following access control models uses labels and is commonly
referred to as a lattice-based model?
A. DAC
B. Nondiscretionary
, C. MAC
D. RBAC - ANSWER ✓ C.
Mandatory access control (MAC) models rely on the use of labels for subjects and
objects. They look similar to a lattice when drawn, so the MAC model is often
referred to as a lattice-based model. None of the other answers use labels.
Discretionary Access Control(DAC) models allow an owner of an object to control
access to the object. Nondiscretionary access controls have centralized
management, such as a rule-based access control model deployed on a firewall.
Role-based access control (RBAC) models define a subject's access based on job-
related roles
12. Management wants users to use multifactor authentication any time they
access cloud-based resources. Which of the following access control models can
meet this requirement?
A. Risk-based access control
B. Mandatory Access Control (MAC)
C. Role-Based Access Control (RBAC)
D. Discretionary Access Control (DAC) - ANSWER ✓ A.
A risk-based access control model can require users to authenticate with
multifactor authentication. None of the other access control models listed can
evaluate how a user has logged on. A MAC model uses labels to grant access. An
RBAC model grants access based on job roles or groups. In a DAC model, the
owner grants access to resources.
13. Which of the following access control models determines access based on the
environment and the situation?
A. Risk-based access control
B. Mandatory Access Control (MAC)