Your organization has implemented a new application to handle sensitive data and requires access to be controlled based on job responsibilities. Which access control mechanism is best suited for ensuring that individuals can only access resources aligned with their assigned functions?
Role-based access control (RBAC) effectively restricts access based on the predefined roles of users within the organization, ensuring that permissions are granted based on a person's job responsibilities. This model simplifies the management of access rights, making it easier to enforce policies consistently. In contrast, discretionary access control (DAC) allows individuals to share permissions at their discretion, potentially leading to security vulnerabilities. Mandatory access control (MAC) enforces access policies based on fixed security levels that limit flexibility, while attribute-based access control (ABAC) focuses on dynamic attributes, which can complicate the assignment of permissions unnecessarily for this situation.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the key principles behind Role-Based Access Control (RBAC)?
Open an interactive chat with Bash
How does RBAC differ from Discretionary Access Control (DAC)?
Open an interactive chat with Bash
What are the advantages and disadvantages of using Mandatory Access Control (MAC)?
Open an interactive chat with Bash
ISC2 CISSP
Identity and Access Management (IAM)
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access