CompTIA Security+ (SY0-501) — Question 418

An administrator is implementing a secure web server and wants to ensure that if the web server application is compromised, the application does not have access to other parts of the server or network. Which of the following should the administrator implement? (Choose two.)

Answer options

• A. Mandatory access control
• B. Discretionary access control
• C. Rule-based access control
• D. Role-based access control
• E. Attribute-based access control

Correct answer: A, C

Explanation

Mandatory access control (A) enforces strict policies that limit application access based on security levels, preventing unauthorized access to other parts of the system. Rule-based access control (C) allows for fine-grained access policies that can specify what applications can access, making it suitable for this scenario. Discretionary access control (B), role-based access control (D), and attribute-based access control (E) do not provide the same level of isolation and security against application compromise.