New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 ISSAP Exam - Topic 6 Question 29 Discussion

Actual exam question for ISC2's ISSAP exam
Question #: 29
Topic #: 6
[All ISSAP Questions]

Which of the following decides access control on an object in the mandatory access control (MAC) environment?

Show Suggested Answer Hide Answer
Suggested Answer: A

Mandatory Access Control (MAC) is a model that uses a predefined set of access privileges for an object of the system. Access to an object is

restricted on the basis of the sensitivity of the object and granted through authorization. Sensitivity of an object is defined by the label

assigned to it. For example, if a user receives a copy of an object that is marked as 'secret', he cannot grant permission to other users to see

this object unless they have the appropriate permission.

Answer options B, D, and C are incorrect. Event log, security log, System Access Control List (SACL) are not used to decide access control on

an object in the mandatory access control (MAC) environment.

A system access control list (SACL) is one type of access control list (ACL). It enables an administrator to log attempts to access a secured

object. It controls the audit messages or records when an access attempt fails or succeeds. Each ACE in an access control list specifies the

types of access attempts by a specified trustee. A computer can then generate a record in the security event log.


by Yuki at May 08, 2022, 07:34 AM

Limited Time Offer

25%

Off

Get Premium ISSAP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Pearlene
4 months ago
Really? I’m surprised it’s not the SACL!
upvoted 0 times
...
Paz
4 months ago
Nope, sensitivity labels are the main deal here.
upvoted 0 times
...
Amira
4 months ago
Wait, I thought SACL had a bigger role?
upvoted 0 times
...
Bobbye
4 months ago
Totally agree, it’s all about those labels.
upvoted 0 times
...
Audrie
5 months ago
Sensitivity label is key in MAC!
upvoted 0 times
...
Lavonna
5 months ago
This question feels familiar; I think we had a practice question about MAC that mentioned sensitivity labels.
upvoted 0 times
...
Salley
5 months ago
I remember studying that SACL is related to auditing, not access control. So, I don't think that's the right answer.
upvoted 0 times
...
Allene
5 months ago
I think the sensitivity label is what determines access control in a MAC environment, but I'm not entirely sure.
upvoted 0 times
...
Rosenda
5 months ago
I’m a bit confused; I thought event logs were more about tracking actions rather than controlling access.
upvoted 0 times
...
Jeannetta
5 months ago
Okay, let's see. The customer wants to upload starting entries for all master data through a general journal. That means we need functions that can handle general journal entries. I'm thinking Vendors Opening balance, G/L Accounts Opening balance, and Get Standard Journals might be the way to go.
upvoted 0 times
...
Blondell
5 months ago
Hmm, this looks like a tricky one. I'll need to carefully review the code and options to determine the best approach.
upvoted 0 times
...

Save Cancel