Join Mike Chapple for an in-depth discussion in this video Mandatory access controls, part of CompTIA Security+ (SY0-501) Cert Prep: 4 Identity and Access Management.
- [Instructor] Mandatory Access Control systems…are most stringent type of access control.…In Mandatory Access Control, or MAC systems,…the operating system itself restricts the permissions…that may be granted to users and processes…on system resources.…User themselves cannot modify permissions.…For this reason, MAC is rarely fully implemented…on production systems outside of highly-secure environments.…MAC is normally implemented…as a rule-based access control system…where users and resources have labels…and the operating system makes access control decisions…by comparing those labels.…
The most common example of an operating system…implementing MAC is Security-Enhanced Linux, or SELinux,…a Linux kernel security module developed…by the US National Security Agency in the 1990s…and included in some Linux distributions…including Red Hat Enterprise Linux, CentOS, and Fedora.…As far as the Security+ exam goes,…that's really all you need to know…about Mandatory Access Controls, but I'd like to give you…a little more insight into how SELinux works.…
Instructor Mike Chapple has designed the training around the most recent version of CompTIA Security+, SY0-501, which expands coverage of mobile and cloud technologies. By learning about the topics in this course, you'll be prepared to answer questions from the latest exam—and strengthen your own organization's systems and defenses. To join one of Mike's free study groups, visit certmike.com.
We are a CompTIA Content Publishing Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Identification methods
- Authentication factors
- Multifactor authentication
- Single sign-on
- Authorization and access controls
- Account management