Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 184
What is the difference between discretionary access control (DAC) and role-based access control (RBAC)?
Answer options
- A. DAC administrators pass privileges to users and groups, and in RBAC, permissions are applied to specific groups.
- B. DAC requires explicit authorization for a given user on a given object, RBAC requires specific conditions.
- C. RBAC is an extended version of DAC where you can add an extra level of authorization based on time.
- D. RBAC access is granted when a user meets specific conditions, and in DAC, permissions are applied on user and group levels.
Correct answer: A
Explanation
The correct answer is A because DAC involves administrators granting privileges to users and groups, while RBAC focuses on permissions assigned to specific groups based on their roles. Option B is incorrect because neither model necessarily requires explicit conditions. Option C misrepresents RBAC as merely an extension of DAC, which it is not. Option D inaccurately describes how the application of permissions differs between the two systems.