Mandatory Access Control — CISSP Practice Questions
Mandatory access control (MAC) is a non-discretionary access control model in which a central authority enforces access policies based on security labels assigned to subjects and objects. Unlike discretionary access control, individual users cannot override these assignments. The CISSP exam tests MAC in the context of security models such as Bell-LaPadula and Biba, and candidates must understand when MAC is appropriate, typically in high-assurance government or military environments. Questions often ask you to distinguish MAC from DAC and RBAC and to map each model to its real-world use case.
Free questions on mandatory access control
Which security model uses labels and clearance levels to enforce mandatory access control?
More mandatory access control questions in the full bank
- An organization's access control system enforces the Bell-LaPadula model. A user with secret clearance attempts to read a top-secret document. Which security principle prevents this access?
- In the Bell-LaPadula security model, which principle PRIMARILY prevents unauthorized disclosure of information?
- Which security model is BEST suited for organizations with strict information sensitivity hierarchies?