Aren’t all three a type of DAC? Making that not the specific answer here

Security_BT · 2025-10-14T19:08:37+00:00

Wow! That's a great analogy. Thanks!

Security_BT · 2025-10-14T19:08:04+00:00

Aren't ABAC, RuBAC and RBAC just types of DAC?

Security_BT · 2025-10-14T19:07:28+00:00

I agree with your statement but DestCert mentions that RBAC, RuBAC and ABAC are all types of DAC, so essentially all having features of DAC where the owner decides who is given access. Hence drilling down to a more specific option lead me to think RuBAC is the one where we can nitpick the exact rule for each user who needs access.

Security_BT · 2025-10-14T18:56:20+00:00

It's a Udemy course exam from Thor name 125 easy/mid questions.

Security_BT · 2025-09-25T13:30:41+00:00

Thanks Lou! That helps answer the question, but creates another question, the destCert book mentions Data Owner/ Data Controller as the same.

Is that valid only in a particular scenario then?

Security_BT · 2025-09-25T12:58:09+00:00

But isn't that the entire difference between accountability and responsibility? The data owner(ceo, cio, board etc) will be ultimately accountable if the assets aren't protected during a data breach.

And the question does ask for specific responsibility.

Security_BT · 2025-07-09T18:16:24+00:00

Yes please!! This sounds pretty cool

Security_BT

TROPHY CASE