Certified Information Systems Security Professional (CISSP) — Question 56

What is a use for mandatory access control (MAC)?

Answer options

• A. Allows for mandatory user identity and passwords based on sensitivity
• B. Allows for mandatory system administrator access control over objects
• C. Allows for labeling of sensitive user accounts for access control
• D. Allows for object security based on sensitivity represented by a label

Correct answer: D

Explanation

The correct answer, D, accurately describes how MAC works by enforcing security policies based on labels that indicate the sensitivity of objects. The other options, while related to access control, do not encapsulate the core principle of MAC, which is the use of labels to manage access based on sensitivity.