Exam 200-201 topic 1 question 217 discussion

I'll go with A Feature DAC (Discretionary Access Control) RBAC (Role-Based Access Control) Focus Individual users and groups Roles and predefined conditions Permission assignment Administrators grant access directly to users and groups Permissions assigned to roles, users inherit permissions based on their assigned roles Flexibility Highly flexible, allows granular control over individual permissions Less flexible than DAC, but simplifies administration and reduces permission creep Example File system permissions, where users have specific read/write access to certain files and folders Network access control, where users are assigned roles like "administrator" or "editor" with predefined permissions

The answer is D. DAC is a type of access control that allows the owner of an object to define who has access to it. Permissions are applied on a user and group level. For example, the owner of a file can grant read, write, and execute permissions to the users and groups they choose. RBAC is a type of access control that defines permissions based on a user's role. Roles are assigned to users based on their job function or responsibilities. For example, a user with the role of "employee" might have read-only access to all files, while a user with the role of "manager" might have read, write, and execute permissions to all files.

DAC (Discretionary Access Control): Object Owner determines permissions and "provides users a certain amount of control" over their data, it is a least restrictive model. >> I would go on A on this one. B. DAC requires explicit authorization for a given user on a given object, RBAC requires specific conditions. >> The specific condition thing feels like more inclined to ABAC wherein Attributes of the subject determines permissions.

b is correct

does anyone think B is correct ?