nerdexam
CompTIA

SY0-301 · Question #889

During the information gathering stage of a deploying role-based access control model, which of the following information is MOST likely required?

The correct answer is B. Matrix of job titles with required access privileges. Role-Based Access Control (RBAC) grants permissions based on a user's role (typically their job function or title) within the organization. To build an RBAC model, administrators must first understand which job roles exist and what resources each role needs to access - this is ca

Security architecture

Question

During the information gathering stage of a deploying role-based access control model, which of the following information is MOST likely required?

Options

  • AConditional rules under which certain systems may be accessed
  • BMatrix of job titles with required access privileges
  • CClearance levels of all company personnel
  • DNormal hours of business operation

How the community answered

(34 responses)
  • A
    6% (2)
  • B
    88% (30)
  • C
    3% (1)
  • D
    3% (1)

Explanation

Role-Based Access Control (RBAC) grants permissions based on a user's role (typically their job function or title) within the organization. To build an RBAC model, administrators must first understand which job roles exist and what resources each role needs to access - this is captured in a job title/role-to-privilege matrix. Clearance levels relate to mandatory access control (MAC), not RBAC. Conditional rules describe attribute-based access control (ABAC). Normal hours of operation might be relevant to time-of-day restrictions but are not the primary input for defining roles. The role-permission matrix is the foundational artifact of any RBAC implementation.

Topics

#RBAC#role definition#privilege matrix#access control

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice