CISSP DOMAIN 5 ACCESS CONTROL Questions

Рет қаралды 22,393

Prabh Nair

Күн бұрын

Пікірлер: 28

@Abdul-dy7om Жыл бұрын

Thank You Very Much Prabh Nair, You are God Sent, I love your explanation of the access control concept

@LS-dk8pj Жыл бұрын

Thanks for putting this together, very well detailed and easy to understand.

@shyambhavsar5937 3 жыл бұрын

Prabh... thanks for explaining in very easy language .. ...

@Tiko-jq9fl 3 жыл бұрын

Prabh thank you so much for this. Your explanation is just what I needed

@srinivassatti3472 3 жыл бұрын

Very Informative Prabh. Thank You !!!

@Victor-pq5kd 3 жыл бұрын

Nailed it! Thanks for the video

@MrManishwalia 2 жыл бұрын

Thanks for this Prabh, it is very simple to follow and easy to remember.

@Resilient1401 3 жыл бұрын

Most awaited another video of CISSP.. Thanks Prabh 👏🏻🎉

@PBath 3 жыл бұрын

Thanks Prabh, Very Well Explained

@basantkumarsharma3824 3 жыл бұрын

Eagerly waiting for this topic,Thank Prab🙏👍,

@TempleOfDoom930 2 жыл бұрын

Dear Prabh Nair, with due respect I would like to disagree with some information that you are providing. The major difference between a DAC and RBAC is that DAC applies where there is a limitation of Centralised Access Control. DAC is flexible but RBAC has some sort of overhead since in RBAC, subjects are mapped with set of objects. --- The Official (ISC)2 CISSP CBK Reference, 6th Edition. Also in 4th edition there is no indication that RBAC is a DAC. Also about sudo. sudo is not a MAC property. Perhaps, we have never seen a MAC system in our lives. sudo is programme assigned to a user for set of permission or roles. So sudo is also a matter of RBAC functionality.

@yusufraza92 3 жыл бұрын

Thanks Prabh well explained !

@MH_K_ 3 жыл бұрын

Awesome. Your coffee is too tasty. Thanks Prabh for the efforts on making useful videos.Waiting for more Coffee Shots..

@GilligansTravels 2 жыл бұрын

awesome Prabh!

@awasthisupriya 3 жыл бұрын

Thanks Prabh for sharing this Video. Please share video for OSI/TCP model also..

@mjishanali 3 жыл бұрын

You are amazing brother!

@sankarravichandran2057 3 жыл бұрын

:-) Awesome sir

@jayshreedesai374 2 жыл бұрын

Very clear!

@milapparekh6484 3 жыл бұрын

Perfect

@DeepakKumar-sx5pi 3 жыл бұрын

hey Prabh, nice to watch your videos! Just wanted to highlight, there is one topic that needs little attention i.e. RBAC ; it’s a non-discretionary access control. i would like to refer here, the CISSP 11th Hour, book by Eric Conrad on page-131, just for exam purposes, please give some input why there is so different opinion. On exam what what should be the answer for such question? Even in some practise tests it is said to be non-dac. thanks

@PrabhNair1 3 жыл бұрын

RBAC is DAC check cbk 4th edition my all session covered based on cbk and official manual of isc2 content RBAC driven by group manager when he give access and data owner for his file Example ur part of backup operator but for my file as m the owner I denied your access So it's DAC :)

@DeepakKumar-sx5pi 3 жыл бұрын

@@PrabhNair1, thanks for responding. so RBAC falls under DAC, for answering on Exam? little tricky to answer, i hope it don’t show up 😬

@DeepakKumar-sx5pi 3 жыл бұрын

@@PrabhNair1 Another pointer; in Sybex WILEY practice tests, i encountered a RBAC Questions. Just wanted to add to this conversation; Q: A central authority determines which files a user can access based on the organization’s hierarchy. Which of the following best describes this? A. DAC model B. An access control list (ACL) C. Rule-based access control model D. RBAC model This Answer is Correct A Role Based Access Control (RBAC) model can group users into roles based on the organization’s hierarchy, and it is a nondiscretionary access control model. A nondiscretionary access control model uses a central authority to determine which objects that subjects can access. In contrast, a Discretionary Access Control (DAC) model allows users to grant or reject access to any objects they own. An ACL is an example of a rule-based access control model that uses rules, not roles.

@PrabhNair1 3 жыл бұрын

@@DeepakKumar-sx5pi Source CBK :) OFFICLA BOOK OF ISC2 I only trust ths book A role-based access control (RBAC) model, as shown in Figure 5.13, bases the access control authorizations on the roles (or functions) that the user is assigned within an organization. The determination of what roles have access to a resource can be governed by the owner of the data, as with Discretionary Access Controls (DACs), or applied based on policy, as with Mandatory Access Controls (MACs). Access control decisions are based on job function, previously defined and governed by policy, and each role (job function) will have its own access capabilities. Objects associated with a role will inherit privileges assigned to that role. This is also true for groups of users, allowing administrators to simplify access control strategies by assigning users to groups and groups to roles.

@PrabhNair1 3 жыл бұрын

@@DeepakKumar-sx5pi i dont trust other book i take my classes based on cbk :)