SY0-301 · Question #889
During the information gathering stage of a deploying role-based access control model, which of the following information is MOST likely required?
The correct answer is B. Matrix of job titles with required access privileges. Role-Based Access Control (RBAC) grants permissions based on a user's role (typically their job function or title) within the organization. To build an RBAC model, administrators must first understand which job roles exist and what resources each role needs to access - this is ca
Question
During the information gathering stage of a deploying role-based access control model, which of the following information is MOST likely required?
Options
- AConditional rules under which certain systems may be accessed
- BMatrix of job titles with required access privileges
- CClearance levels of all company personnel
- DNormal hours of business operation
How the community answered
(34 responses)- A6% (2)
- B88% (30)
- C3% (1)
- D3% (1)
Explanation
Role-Based Access Control (RBAC) grants permissions based on a user's role (typically their job function or title) within the organization. To build an RBAC model, administrators must first understand which job roles exist and what resources each role needs to access - this is captured in a job title/role-to-privilege matrix. Clearance levels relate to mandatory access control (MAC), not RBAC. Conditional rules describe attribute-based access control (ABAC). Normal hours of operation might be relevant to time-of-day restrictions but are not the primary input for defining roles. The role-permission matrix is the foundational artifact of any RBAC implementation.
Topics
Community Discussion
No community discussion yet for this question.