🔥 3-day streak
ISC2 CISSP — Certified Information Systems Security Professional32 / 129
Question 32 of 129

A research firm allows the creator of each project document to decide who may read or edit it, and to pass those permissions on to colleagues as they see fit. The security team notices that files are being freely shared between team members based solely on the file creators' judgment, with no central authority validating each grant. Which access control model is in use, and what is its inherent weakness in this scenario?

Reviewed for accuracy · Report an issueNext question