In access control, we use the terms subjects and objects. Knowing the difference and what both can do is important for the exam.
Subject – (Active) Most often users, but can also be programs – Subjects manipulate object.
Object – (Passive) Any passive data (both physical paper and data) – Objects are manipulated by subject.
It is possible to be both at different times, an active program is a subject; when closed, the data in program can be object.