nerdexam
CompTIA

CV0-002 · Question #217

The legal department requires eDiscovery of hosted file shares. To set up access, which of the following is the BEST method to ensure the eDiscovery analyst only has the ability to search but not chan

The correct answer is D. RBAC. To grant an eDiscovery analyst search-only access to hosted file shares without allowing configuration changes, Role-Based Access Control (RBAC) is the most suitable method.

Security

Question

The legal department requires eDiscovery of hosted file shares. To set up access, which of the following is the BEST method to ensure the eDiscovery analyst only has the ability to search but not change configuration or settings?

Options

  • APKI
  • BSSO
  • CMFA
  • DRBAC

How the community answered

(46 responses)
  • A
    2% (1)
  • C
    4% (2)
  • D
    93% (43)

Why each option

To grant an eDiscovery analyst search-only access to hosted file shares without allowing configuration changes, Role-Based Access Control (RBAC) is the most suitable method.

APKI

PKI (Public Key Infrastructure) is used for establishing identity and encrypting communications, not for defining user permissions.

BSSO

SSO (Single Sign-On) simplifies authentication by allowing users to access multiple services with one set of credentials, but it does not define what actions they can perform within those services.

CMFA

MFA (Multi-Factor Authentication) adds an extra layer of security during the authentication process to verify user identity, but it does not control specific permissions or roles once authenticated.

DRBACCorrect

RBAC allows administrators to define specific roles with granular permissions, such as read-only access for eDiscovery functions, and then assign these roles to users or groups. This ensures the analyst can perform necessary searches while being explicitly prevented from modifying system configurations or settings, aligning with the principle of least privilege.

Concept tested: Role-Based Access Control (RBAC) for least privilege

Source: https://learn.microsoft.com/en-us/azure/role-based-access-control/overview

Topics

#Access control#RBAC#eDiscovery#Least privilege

Community Discussion

No community discussion yet for this question.

Full CV0-002 Practice