New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 ISSAP Exam - Topic 4 Question 41 Discussion

Actual exam question for ISC2's ISSAP exam
Question #: 41
Topic #: 4
[All ISSAP Questions]

Access control systems enable an authority to control access to areas and resources in a given physical facility or computer-based information system. Which of the following services provided by access control systems is used to determine what a subject can do?

Show Suggested Answer Hide Answer
Suggested Answer: B

Identification and authentication determine who can log on to a system, and the association of users with the software subjects that

they are able to control as a result of logging in.

Authorization determines what a subject can do.

Accountability identifies what a subject (or all subjects associated with a user) did.


by Lettie at May 04, 2022, 09:10 AM

Limited Time Offer

25%

Off

Get Premium ISSAP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Penney
4 months ago
Accountability is important too, but not for this question.
upvoted 0 times
...
Harrison
4 months ago
Wait, are we sure about that? Seems tricky.
upvoted 0 times
...
Edmond
4 months ago
Yeah, Authorization is the key here.
upvoted 0 times
...
Buffy
4 months ago
I thought it was Authentication at first.
upvoted 0 times
...
Ona
5 months ago
It's definitely Authorization!
upvoted 0 times
...
Quiana
5 months ago
I vaguely recall that Identification is the first step, but it doesn't really tell you what actions are allowed. Authorization seems like the right choice.
upvoted 0 times
...
Raymon
5 months ago
I feel like I mixed up Accountability and Authorization in practice questions before. I hope I remember the right one this time!
upvoted 0 times
...
Juliann
5 months ago
I remember studying that Authentication is about verifying identity, while Authorization determines permissions. So, I believe it's definitely Authorization.
upvoted 0 times
...
Salina
5 months ago
I think the answer might be Authorization since it relates to what a user can do, but I'm not completely sure.
upvoted 0 times
...
Isaiah
5 months ago
This question seems straightforward, but I want to make sure I understand the key terms "inspiration", "ideation", and "implementation" before answering.
upvoted 0 times
...
Melvin
5 months ago
This is a good question. I'll draw on my understanding of Scrum principles to analyze the factors and select the best option.
upvoted 0 times
...
Sheridan
5 months ago
Hmm, I'm stuck between A and C. I know nonpublic records have specific disclosure rules, but I'm not 100% certain.
upvoted 0 times
...

Save Cancel