0
0
Cybersecurityknowledge~5 mins

Access control models (MAC, DAC, ABAC) in Cybersecurity - Cheat Sheet & Quick Revision

Choose your learning style9 modes available
LearnWhyDeepVisualPracticeChallengeProjectRecallTime
Recall & Review
beginner
What is Mandatory Access Control (MAC)?
MAC is a strict access control model where the system enforces access rules based on fixed policies set by an authority. Users cannot change permissions. Access is granted based on security labels.
Click to reveal answer
beginner
Define Discretionary Access Control (DAC).
DAC allows the owner of a resource to decide who can access it. Users have control over permissions and can grant or revoke access to others.
Click to reveal answer
intermediate
What does Attribute-Based Access Control (ABAC) use to decide access?
ABAC uses attributes like user role, resource type, time of access, and environmental conditions to make flexible access decisions.
Click to reveal answer
beginner
Which access control model is the most rigid and controlled by the system?
Mandatory Access Control (MAC) is the most rigid because the system strictly enforces access policies without user control.
Click to reveal answer
beginner
Give a real-life example of Discretionary Access Control (DAC).
Sharing a photo album on social media where you decide who can see or edit the photos is like DAC, because you control access.
Click to reveal answer
Which access control model uses fixed policies set by an authority and does not allow users to change permissions?
AMandatory Access Control (MAC)
BDiscretionary Access Control (DAC)
CAttribute-Based Access Control (ABAC)
DRole-Based Access Control (RBAC)
In which model does the resource owner decide who can access their resources?
AMandatory Access Control (MAC)
BAttribute-Based Access Control (ABAC)
CNone of the above
DDiscretionary Access Control (DAC)
Which access control model uses user attributes like role, location, and time to decide access?
AAttribute-Based Access Control (ABAC)
BMandatory Access Control (MAC)
CDiscretionary Access Control (DAC)
DNone of the above
Which model is best described as the most flexible and context-aware?
AMAC
BDAC
CABAC
DNone
If a company wants to enforce strict security policies that users cannot override, which model should they use?
ADAC
BMAC
CABAC
DRBAC
Explain the main differences between Mandatory Access Control (MAC), Discretionary Access Control (DAC), and Attribute-Based Access Control (ABAC).
Think about who controls access and how decisions are made.
You got /3 concepts.
    Describe a real-life situation where each access control model (MAC, DAC, ABAC) might be used.
    Consider strict control, owner control, and flexible attribute-based control.
    You got /3 concepts.