A company is rolling out a new intelligent assistant that integrates with internal databases containing client data. Which method is most suitable for controlling user capabilities while safeguarding sensitive information in this environment?
Require complex passwords for every account without changing privileges
Log every action in the system and wait for investigation if suspicious activity is found
Assign privileges based on each employee’s duties and review them on a set schedule
Create a single uniform profile so all staff have the same capabilities
Role-based access control (RBAC) ensures users receive permissions based on their job duties, minimizing unnecessary exposure to sensitive data. Reviewing these privileges regularly helps maintain alignment with security policies. Complex passwords, audit logs, and uniform access profiles each address different security goals but do not directly enforce appropriate privilege boundaries. Only RBAC effectively prevents overprovisioned access at scale.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Role-Based Access Control (RBAC)?
Open an interactive chat with Bash
Why is reviewing privileges on a set schedule important?