CERTIFIED-IN-CYBERSECURITY · Question #267
CERTIFIED-IN-CYBERSECURITY Question #267: Real Exam Question with Answer & Explanation
The correct answer is C: Authorization. Authorization is the process of granting or denying specific rights and permissions to a user within a system or application (see ISC2 Study Guide, Chapter 3, Module 2). For example, in a banking system, a teller may be authorized to access customer account information and proces
Question
What is the term for an instance in which a logged-in user can perform specific activities within an application or system?
Options
- AGroup management
- BRoles
- CAuthorization
- DLogins
Explanation
Authorization is the process of granting or denying specific rights and permissions to a user within a system or application (see ISC2 Study Guide, Chapter 3, Module 2). For example, in a banking system, a teller may be authorized to access customer account information and process transactions, but would not be authorized to approve loans or change system settings. This is determined by the user's identity and the privileges assigned to them. The other options are incorrect. Roles and group management are methods of organizing users based on common attributes and permissions, but they do not grant or deny access to specific resources or actions. Logins are the process of entering a system or application by providing valid credentials, but this process does not determine what actions a user can perform within the system.
Topics
Community Discussion
No community discussion yet for this question.