A. Dictating how entities interact with resources

B. Verifying the identity of users

C. Tracking authorized and unauthorized usage of resources

D. Assigning security labels to subjects and objects

A. To create user accounts

B. To verify user identity

C. To determine user permissions

D. To track user activities

A. Granting excessive privileges to users

B. Granting minimum rights necessary for specific tasks

C. Granting full control over resources to the owner

D. Granting access to users within the same domain

A. Denying access by default unless explicitly granted

B. Granting access by default unless explicitly denied

C. Denying access to users with high clearance levels

D. Granting access to users based on organizational roles

A. Creating user accounts

B. Verifying user identity

C. Tracking user activities

D. Assigning security labels to subjects and objects

A. Discretionary Access Control (DAC)

B. Role-based Access Control (RBAC)

C. Mandatory Access Control (MAC)

D. Rule-based Access Control

A. Administrative control

B. Security clearance levels

C. User-defined access control policies

D. Continuous authentication