nerdexam
(ISC)2

CISSP · Question #476

The core component of Role Based Access control (RBAC) must be constructed of defined data elements. Which elements are required?

The correct answer is B. Users, rotes, operations, and protected objects. The core component of Role Based Access Control (RBAC) must be constructed of defined data elements. The elements that are required are users, roles, operations, and protected objects. RBAC is a model of access control that assigns permissions to roles, rather than to individual

Submitted by suresh_in· Mar 5, 2026Identity and Access Management

Question

The core component of Role Based Access control (RBAC) must be constructed of defined data elements. Which elements are required?

Options

  • AUsers, permissions, operators, and protected objects
  • BUsers, rotes, operations, and protected objects
  • CRoles, accounts, permissions, and protected objects
  • DRoles, operations, accounts, and protected objects

How the community answered

(37 responses)
  • A
    5% (2)
  • B
    89% (33)
  • C
    3% (1)
  • D
    3% (1)

Explanation

The core component of Role Based Access Control (RBAC) must be constructed of defined data elements. The elements that are required are users, roles, operations, and protected objects. RBAC is a model of access control that assigns permissions to roles, rather than to individual users. A role is a logical grouping of users that share common responsibilities or functions within an organization. An operation is an action that can be performed on a protected object. A protected object is a resource or entity that is subject to access control, such as a file, a database, or a network device. RBAC defines the relationships between users, roles, operations, and protected objects, and enforces the access rules based on these relationships. Users, permissions, operators, and protected objects; roles, accounts, permissions, and protected objects; and roles, operations, accounts, and protected objects are not the correct elements that are required for the core component of RBAC, although they may be related or derived from the

Topics

#RBAC#access control models#identity and access management#authorization

Community Discussion

No community discussion yet for this question.

Full CISSP Practice