CISSP · Question #1208
An organization would like to ensure that all new users have a predefined departmental access template applied upon creation. The organization would also like additional access for users to be granted
The correct answer is A. Hybrid. The organization needs a combination of centralized access (predefined departmental templates applied at creation) and decentralized access (per-project access granted as needed), which defines a hybrid access administration model.
Question
Options
- AHybrid
- BFederated
- CDecentralized
- DCentralized
How the community answered
(60 responses)- A75% (45)
- B7% (4)
- C15% (9)
- D3% (2)
Why each option
The organization needs a combination of centralized access (predefined departmental templates applied at creation) and decentralized access (per-project access granted as needed), which defines a hybrid access administration model.
Hybrid access administration combines centralized and decentralized approaches: centralized control enforces standardized departmental access templates at user creation, while decentralized elements allow project-based access to be granted individually as needed. This dual approach satisfies both the organization's need for consistency and its need for flexible, situational access grants.
Federated access administration involves trust relationships between separate identity domains or organizations, which does not address the requirement for departmental templates or per-project access within a single organization.
Decentralized access administration delegates all access decisions to individual departments or managers without a standardized baseline, failing to meet the requirement for a predefined departmental template applied uniformly at user creation.
Centralized access administration applies uniform, top-down control over all access decisions, which would not accommodate the flexible, per-project access grants the organization requires.
Concept tested: Hybrid user access administration model characteristics
Source: https://www.nist.gov/system/files/documents/2020/07/02/NIST.SP.800-162.pdf
Topics
Community Discussion
No community discussion yet for this question.