Review Exercises: Access Control Exercise 1The network administrator at SBC Inc. has created a group account called marketExploration. The main job of the group is identifying niche markets and developing the SBC’s strategy for penetrating the identified niche markets. The group includes the following four members:Name DepartmentJohn Hampton MarketingLynn Hubert SalesWilliam Johns MarketingElaine Busch ManagementThe network administrator assigned the marketExploration group the following access rights on two network shares the group members will need in doing the job. Allow: Execute Files, List Folders, Create Files, Create Folders, Delete, Read Permissions, TakeOwnership. Question 1: What access control strategy was used by the network administrator in assigning theaccess rights?a) Mandatory Access Controlb) Role-Based Access Controlc) List-Based Access Controld) None of the aboveQuestion 2: Explain your answer to Question 1______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________Question 3: Is there any security hole associated with the access right assignment that could leadto some sort of discretionary access control? Explain________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________MIS 4850 Systems Security Page 1 of 2______________________________________________________________________________Exercise 2The network at SBC Inc. is configured as a single domain called sbcinc.com. The domain is controlled by a Windows Server 2003 computer. The network administrator has created and configured a domain-level group policy that prevent users from sharing files that other users could get access to over the network. The network is an all-Windows network where employees have Windows XP Professional workstations. Each employee has administrator’s privilege on his/her own workstation, which means they are able to download material from the Internet to their workstation, install programs, and create files and share them with local users (i.e. users with accounts created on the local machine and therefore available in the local account database) among other things. Question 1: What access control strategy is used at SBC Inc.?a) Mandatory Access Controlb) Role-Based Access Controlc) List-Based Access Controld) Discretionary Access Controle) None of the aboveQuestion 2: Explain your answer to Question 1______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________ Question 3: Billy, one the SBC’s employees, has gain a high level of expertise in financial services over the years. He regularly creates spreadsheets that could help people in the Financial Services department do their job better. What could be a safe way of allowing Billy to share spreadsheet files so that Financial Services’ worker could get access to them over the network?______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________MIS 4850 Systems Security Page 2 of