In an attribute-based access control policy a subject's role might be one attribute.  In your opinion, does this make role-based access control policies a true subset of attribute-based policies, or are there other differences between the two.  Justify your answer in 3-4 sentences.

Which of the following is applicable in the Role-Based Access Control (RBAC) model?Group of answer choicesA user can be assigned with several rolesA role can access several resourcesA role can be assigned to several usersAll of these

In access control terminology, specific terms are being used to describe different roles. a. What are subjects? b. What are objects? c. What are resource owners? d. Who performs authorization and who is being authorized?

Which access control model uses security labels to enforce access control?Discretionary Access ControlRole-Based Access ControlMandatory Access ControlAttribute-Based Access Control

Question 81 ptsWhat type of access control approaches is suitable when several people in the organization perform the same role or task?       Group of answer choicesLattice-based access controlDiscretionary access controlMandatory access controlRole/task-based access control

Which of the following access control models make use of the classification levels of the information along with the subject’s clearance level?Group of answer choicesMandatory Access Control (MAC)Lattice-Based Access Control (LBAC)Attribute-Based Access Control (ABAC)Both MAC and LBAC