PT0-002 Question #372: Real Exam Question with Answer & Explanation

The correct answer is B: Role-based access control.

Reporting and Communication

Question

A penetration tester identified numerous flaws that could lead to unauthorized modification of critical data. Which of the following would be best for the penetration tester to recommend?

Options

  • A. Flat access
  • B. Role-based access control
  • C. Permission-based access control
  • D. Group-based control model

Explanation

To prevent unauthorized modification of critical data, implementing Role-Based Access Control (RBAC) is the most effective recommendation. RBAC assigns permissions based on an individual's role within an organization, ensuring users have only the access necessary for their job functions and limiting the potential for unauthorized data changes.

Common mistakes.

  • A. Flat access means all users have the same level of access, which is highly insecure and directly contrary to the goal of preventing unauthorized data modification.
  • C. Permission-based access control is a general term. RBAC is a type of permission-based control, but it specifically organizes permissions into roles, which is a more structured and manageable approach than assigning permissions individually, especially for scalability.
  • D. Group-based control model is a common way to implement access control, but RBAC is a more specific and structured model that defines permissions based on roles rather than arbitrary groups, often allowing for more granular and policy-driven access management.

Concept tested. Access control models for data integrity

Reference. https://learn.microsoft.com/en-us/azure/role-based-access-control/overview

Topics

#Role-based access control · #Access control models · #Penetration testing recommendations · #Data integrity
