A new multi-tenant platform needs to grant privileges based on department membership. The project lead wants to reduce maintenance work and ensure consistent permissions across departments. Which approach addresses these needs while reducing overhead and ensuring uniform enforcement?
Role-based model referencing department membership to define privileges
Using a single shared credential for staff, validated through external identity services
Single level granting staff uniform read/write rights
Manual assignment of unique permissions for each individual user
A role-based model referencing department membership creates clear associations between each team and its necessary rights. It centralizes how privileges are granted, reducing duplication of effort and the risk of misconfiguration. Single-level permission does not separate different job functions, manual per-user settings create high administrative burdens and tend to be error-prone, and a shared credential compromises visibility into who is accessing each resource.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the role-based access control (RBAC) model?
Open an interactive chat with Bash
Why is manual assignment of permissions error-prone?
Open an interactive chat with Bash
What are the risks of using a single shared credential for staff?