At the BlueTech company, an employee named Maya is assigned the role of 'Marketing Analyst.' Which of the following best describes how the system should enforce Maya's access to the company's digital marketing platform?
Using role-based access control to provide specific permissions associated with the 'Marketing Analyst' role
Applying least privilege model by manually adjusting permissions for each task she needs to perform
Setting custom user settings for Maya's user account based on her personal preferences
Granting unrestricted access to all features of the platform because she might need them in the future
Role-based access control is correct because it links access permissions to the employee's role within the organization. In this case, as a 'Marketing Analyst,' Maya would have access rights specific to her role, which enables her to perform her job functions. Least privilege model is incorrect as it is a principle and not a method. Custom user settings refer to individual settings tailored for a user and are not based on roles. Unrestricted access would grant Maya more permissions than necessary, violating security best practices.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is role-based access control (RBAC)?
Open an interactive chat with Bash
What is the principle of least privilege?
Open an interactive chat with Bash
Why is unrestricted access to features not a good practice?