ExamTopics Logo
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam SSCP All Questions

View all questions & answers for the SSCP exam
Go to Exam

Exam SSCP topic 1 question 61 discussion

Actual exam question from ISC's SSCP
Question #: 61
Topic #: 1
[All SSCP Questions]

To control access by a subject (an active entity such as individual or process) to an object (a passive entity such as a file) involves setting up:

  • A. Access Rules
  • B. Access Matrix
  • C. Identification controls
  • D. Access terminal
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
Controlling access by a subject (an active entity such as individual or process) to an object (a passive entity such as a file) involves setting up access rules.
These rules can be classified into three access control models: Mandatory, Discretionary, and Non-Discretionary.
An access matrix is one of the means used to implement access control.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 33.
by spiritxxx0 at May 29, 2024, 1:52 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
lfrivas
1 week, 1 day ago
Selected Answer: A
Acces Rule, Access Matrix It's a conceptual model (not a direct implementation) that can represent access rules, but it’s not the rule itself.
upvoted 1 times
...
kicksave23
1 month, 3 weeks ago
Selected Answer: A
I chose B, but after thinking about it, I lean towards agreeing with A. One object and one subject is (probably) an Access Rule. The Access Matrix comes in when there are multiple objects and/or subjects.
upvoted 1 times
...
PolyDork
7 months, 2 weeks ago
According to Gemini, it's A To control access to objects by subjects, you need to set up A. Access Rules. Here's why: Access Rules: These are specific policies that define who (subjects) can do what (actions) to which resources (objects). They are the fundamental mechanism for controlling access. Access Matrix: While an access matrix is a useful tool for visualizing and managing access relationships, it's not a mechanism for controlling access directly. It's a data structure that represents who can do what to what. Identification controls: These are used to verify the identity of subjects (e.g., through usernames and passwords). They are important for ensuring that only authorized subjects can access resources, but they don't directly control access. Access terminal: This is a physical device used to access a system. It's not a mechanism for controlling access. Therefore, the correct answer is A. Access Rules.
upvoted 2 times
...
b722029
9 months, 1 week ago
Selected Answer: B
Access Matrix
upvoted 2 times
...
spiritxxx0
11 months ago
B. Access Matrix
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago