New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 ISSMP Exam - Topic 1 Question 5 Discussion

Actual exam question for ISC2's ISSMP exam
Question #: 5
Topic #: 1
[All ISSMP Questions]

In which of the following mechanisms does an authority, within limitations, specify what objects can be accessed by a subject?

Show Suggested Answer Hide Answer
Suggested Answer: B

In the discretionary access control, an authority, within limitations, specifies what objects can be accessed by a subject.

Answer option D is incorrect. In the mandatory access control, a subject's access to an object is dependent on labels.

Answer option A is incorrect. In the role-based access control, a central authority determines what individuals can have access to which objects based on the individual's role or title in the organization.

Answer option C is incorrect. The task-based access control is similar to role-based access control, but the controls are based on the subject's responsibilities and duties.


by Elza at May 03, 2022, 06:40 PM

Limited Time Offer

25%

Off

Get Premium ISSMP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Margurite
4 months ago
Really? I thought Task-based Access Control was a thing.
upvoted 0 times
...
Raylene
4 months ago
I agree with Rolland, B is the correct answer!
upvoted 0 times
...
Belen
4 months ago
Wait, isn't it D? Mandatory Access Control sounds right.
upvoted 0 times
...
Elke
4 months ago
I think it's A, Role-Based Access Control fits the bill too.
upvoted 0 times
...
Rolland
5 months ago
Definitely B, Discretionary Access Control is all about that!
upvoted 0 times
...
Justine
5 months ago
Mandatory Access Control seems like a strong candidate here since it emphasizes strict rules about access, but I need to double-check the definitions.
upvoted 0 times
...
Lacey
5 months ago
Task-based Access Control sounds familiar, but I can't recall if it really involves authority specifying access. I might be mixing it up with something else.
upvoted 0 times
...
William
5 months ago
I remember studying Role-Based Access Control, but I feel like it doesn't quite fit this question. It’s more about roles than specific objects.
upvoted 0 times
...
Lera
5 months ago
I think this might be about Discretionary Access Control, but I'm not entirely sure. It seems like the authority gives some flexibility to the users.
upvoted 0 times
...
Viki
5 months ago
Okay, the OSI model - application, presentation, session, transport, network, data link, and physical. I've got this!
upvoted 0 times
...
Candra
5 months ago
I'm pretty confident I know the right answer here. Splitting application logic across multiple objects is generally better for minimizing dependencies and the impact of changes.
upvoted 0 times
...
Vanesa
5 months ago
Based on my understanding, the best option here would be to use a data extension. That way you can store multiple values for a single subscriber attribute, which is what the question is asking about. Feels like a straightforward choice to me.
upvoted 0 times
...

Save Cancel