nerdexam
(ISC)2

CISSP · Question #1208

An organization would like to ensure that all new users have a predefined departmental access template applied upon creation. The organization would also like additional access for users to be granted

The correct answer is A. Hybrid. The organization needs a combination of centralized access (predefined departmental templates applied at creation) and decentralized access (per-project access granted as needed), which defines a hybrid access administration model.

Submitted by noor.lb· Mar 5, 2026Identity and Access Management

Question

An organization would like to ensure that all new users have a predefined departmental access template applied upon creation. The organization would also like additional access for users to be granted on a per-project basis. What type of user access administration is BEST suited to meet the organization's needs?

Options

  • AHybrid
  • BFederated
  • CDecentralized
  • DCentralized

How the community answered

(60 responses)
  • A
    75% (45)
  • B
    7% (4)
  • C
    15% (9)
  • D
    3% (2)

Why each option

The organization needs a combination of centralized access (predefined departmental templates applied at creation) and decentralized access (per-project access granted as needed), which defines a hybrid access administration model.

AHybridCorrect

Hybrid access administration combines centralized and decentralized approaches: centralized control enforces standardized departmental access templates at user creation, while decentralized elements allow project-based access to be granted individually as needed. This dual approach satisfies both the organization's need for consistency and its need for flexible, situational access grants.

BFederated

Federated access administration involves trust relationships between separate identity domains or organizations, which does not address the requirement for departmental templates or per-project access within a single organization.

CDecentralized

Decentralized access administration delegates all access decisions to individual departments or managers without a standardized baseline, failing to meet the requirement for a predefined departmental template applied uniformly at user creation.

DCentralized

Centralized access administration applies uniform, top-down control over all access decisions, which would not accommodate the flexible, per-project access grants the organization requires.

Concept tested: Hybrid user access administration model characteristics

Source: https://www.nist.gov/system/files/documents/2020/07/02/NIST.SP.800-162.pdf

Topics

#Access administration#Role-based access control (RBAC)#Hybrid access model#Identity management

Community Discussion

No community discussion yet for this question.

Full CISSP Practice