CAP · Question #261
Mark works as a Network Administrator for NetTech Inc. He wants users to access only those resources that are required for them. Which of the following access control models will he use?
The correct answer is B. Role-Based Access Control. Role-Based Access Control (RBAC) restricts system access based on a user's defined role within an organization, ensuring users only access resources needed for their job function.
Question
Mark works as a Network Administrator for NetTech Inc. He wants users to access only those resources that are required for them. Which of the following access control models will he use?
Options
- AMandatory Access Control
- BRole-Based Access Control
- CDiscretionary Access Control
- DPolicy Access Control
How the community answered
(39 responses)- A3% (1)
- B87% (34)
- C8% (3)
- D3% (1)
Why each option
Role-Based Access Control (RBAC) restricts system access based on a user's defined role within an organization, ensuring users only access resources needed for their job function.
Mandatory Access Control (MAC) enforces access based on security labels and classifications assigned by a central authority, not by job role or resource need.
RBAC assigns permissions to roles rather than individuals, and users are assigned to appropriate roles - this directly enforces least-privilege access by limiting each user to only the resources required for their specific job function. It is the standard model used when an administrator wants to align access rights with organizational roles. This makes it ideal for managing large numbers of users with predictable job-based access needs.
Discretionary Access Control (DAC) allows resource owners to grant or revoke access at their own discretion, which does not systematically limit users to only required resources.
Policy Access Control is not a recognized standard access control model in information security frameworks.
Concept tested: Role-Based Access Control model and least privilege
Source: https://csrc.nist.gov/glossary/term/role_based_access_control
Topics
Community Discussion
No community discussion yet for this question.