Appendix A Answers to Sample Questions

Domain 1: Access Controls

  1. What type of controls are used in a Rule Set–Based Access Control system?
    1. Discretionary
    2. Mandatory
    3. Role Based
    4. Compensating

    Answer: A

    Rule set–based access controls (RSBAC) are discretionary controls giving data owners the discretion to determine the rules necessary to facilitate access.

  2. What framework is the Rule Set–Based Access Controls logic based upon?
    1. Logical Framework for Access Control
    2. Specialized Framework for Access Control
    3. Technical Framework for Access Control
    4. Generalized Framework for Access Control

    Answer: D

    The RSBAC framework logic is based on the work done for the generalized framework for access control (GFAC) by Abrams and LaPadula.

  3. View-Based Access Controls ...

Get The Official (ISC)2 Guide to the SSCP CBK, 4th Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.