An enterprise needs a method to grant or deny permissions based on multiple factors such as user location, device type, and data classification. Which approach is best suited for these requirements?
An approach that adapts to multiple user traits and environmental information for each request
A method that uses groupings to assign permissions to employees
A discretionary scheme that leaves resource owners responsible for approval decisions
A structure that labels resources in rigid tiers to enforce classifications
The correct approach evaluates user and environment details for requests, providing flexibility and context awareness. Discretionary control relies on resource owners, role-based grouping links privileges to predefined sets, and rigid tiers use fixed categories. These do not adapt as effectively to changing variables.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an adaptive access control approach?
Open an interactive chat with Bash
How does adaptive access control differ from role-based access control?
Open an interactive chat with Bash
Why are fixed-tier systems less effective for dynamic enterprise needs?