CISSP - Identity and Access Management (IAM) - Section 5.4

Implement and manage authorization mechanisms such as RBAC, rule-based, MAC, DAC, ABAC, and risk-based access control.

Compare role-based (RBAC), rule-based, mandatory (MAC), discretionary (DAC), attribute-based (ABAC), and risk-based access control models in terms of their enforcement mechanisms and administrative overhead. Select the most appropriate model given the sensitivity requirements, organisational structure, and dynamic access context.

Examworthy is not affiliated with or endorsed by (ISC)2. Original, blueprint-aligned practice material only.