What is the difference between Access Control Lists (ACLs) and Capability Tables?
A . Access control lists are related/attached to a subject whereas capability tables are related/attached to an object.
B . Access control lists are related/attached to an object whereas capability tables are related/attached to a subject.
C . Capability tables are used for objects whereas access control lists are used for users.
D . They are basically the same.
Answer: B
Explanation: Capability tables are used to track, manage and apply controls based on the object and rights, or capabilities of a subject. For example, a table identifies the object, specifies access rights allowed for a subject, and permits access based on the user’s posession of a capability (or ticket) for the object. It is a row within the matrix.
To put it another way, A capabiltiy table is different from an ACL because the subject is bound to the capability table, whereas the object is bound to the ACL.
CLEMENT NOTE:
If we wish to express this very simply:
Capabilities are attached to a subject and it describe what access the subject has to each of the objects on the row that matches with the subject within the matrix. It is a row within the matrix. ACL’s are attached to objects, it describe who has access to the object and what type of access they have. It is a column within the matrix.
The following are incorrect answers:
"Access control lists are subject-based whereas capability tables are object-based" is incorrect. "Capability tables are used for objects whereas access control lists are used for users" is incorrect.
"They are basically the same" is incorrect. References used for this question:
CBK, pp. 191 – 192 AIO3 p. 169
Latest SSCP Dumps Valid Version with 1074 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund