CAP · Question #283
Mark works as a Network Administrator for NetTech Inc. He wants users to access only those resources that are required for them. Which of the following access control models will he use?
The correct answer is D. Role-Based Access Control. Role-Based Access Control (RBAC) restricts user access based on defined job roles, directly enforcing the principle of least privilege.
Question
Mark works as a Network Administrator for NetTech Inc. He wants users to access only those resources that are required for them. Which of the following access control models will he use?
Options
- ADiscretionary Access Control
- BMandatory Access Control
- CPolicy Access Control
- DRole-Based Access Control
How the community answered
(38 responses)- A8% (3)
- B3% (1)
- C3% (1)
- D87% (33)
Why each option
Role-Based Access Control (RBAC) restricts user access based on defined job roles, directly enforcing the principle of least privilege.
Discretionary Access Control (DAC) allows resource owners to control access at their own discretion, which does not systematically enforce least privilege across the organization.
Mandatory Access Control (MAC) uses security labels and classifications set by policy to control access, typically used in high-security government environments, and is not primarily designed for role-based resource restriction.
Policy Access Control is not a recognized standard access control model in information security frameworks.
RBAC assigns permissions to roles rather than to individual users, and users are then assigned to the appropriate role. This ensures employees can access only the resources their job function requires, which directly satisfies the administrator's goal of limiting access to only necessary resources.
Concept tested: Role-Based Access Control and least privilege enforcement
Source: https://csrc.nist.gov/projects/role-based-access-control
Topics
Community Discussion
No community discussion yet for this question.