CISSP · Question #478
Individuals have been identified and determined as having a need-to-know for the information. Which of the following access control methods MUST include a consistent set of rules for controlling and l
The correct answer is B. Role-Based Access Control (RBAC). Role-Based Access Control (RBAC) is an access control method that assigns permissions to users based on their roles or functions within an organization. RBAC requires a consistent set of rules for controlling and limiting access, as each role is defined by a set of access rights
Question
Options
- AAttribute Based Access Control (ABAC)
- BRole-Based Access Control (RBAC)
- CDiscretionary Access Control (DAC)
- DMandatory Access Control (MAC)
How the community answered
(39 responses)- A3% (1)
- B79% (31)
- C5% (2)
- D13% (5)
Explanation
Role-Based Access Control (RBAC) is an access control method that assigns permissions to users based on their roles or functions within an organization. RBAC requires a consistent set of rules for controlling and limiting access, as each role is defined by a set of access rights that correspond to the level of authority and responsibility of the role. RBAC can simplify access management, enforce the principle of least privilege, improve security and compliance, and reduce administrative overhead.
Topics
Community Discussion
No community discussion yet for this question.