A network administrator is setting up access control for highly sensitive financial records that should be accessible only to the company's executive team. Which of the following methods would be the most appropriate to enforce strict access based on predefined permissions and roles?
Role-Based Access Control (RBAC) is the most suitable choice because it allows access based on the roles of individual users within an organization. This method is effective in environments where permissions are closely tied to the organizational structure and the roles of the employees.
MAC, or Mandatory Access Control, although security-focused, is more suited for environments requiring classification levels and has less flexibility in roles, which might make it cumbersome for dynamic role changes.
Discretionary Access Control (DAC) gives the creators or owners of the resources the power to decide on access, which could be less stringent for sensitive corporate information.
Attribute-Based Access Control (ABAC) allows the definition of policies with more granularity based on multiple attributes, which might be unnecessarily complex for the scenario described.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Can you explain what Role-Based Access Control (RBAC) is in more detail?
Open an interactive chat with Bash
What are the key differences between RBAC and Mandatory Access Control (MAC)?
Open an interactive chat with Bash
How does Discretionary Access Control (DAC) differ from RBAC?