A multinational corporation is implementing a comprehensive security framework for network access control. Which sequence of security controls BEST reflects the proper order and function in a complete access management framework?
Identity verification, followed by permission determination, then activity monitoring.
User profiling, followed by resource allocation, then credential management.
Permission assignment, followed by identity validation, then resource utilization tracking.
Credential validation, followed by user action logging, then access rights assignment.
The correct answer is 'Identity verification, followed by permission determination, then activity monitoring.' This accurately describes the three distinct components of Authentication, Authorization, and Accounting (AAA) frameworks:
Identity verification (Authentication): Verifies that users are who they claim to be, typically through credentials like usernames/passwords, certificates, biometrics, or other factors
Permission determination (Authorization): After authentication, determines what resources a user can access and what actions they can perform
Activity monitoring (Accounting): Tracks and logs user activities, including login times, actions performed, resources accessed, and logout times
The other options are incorrect because they either present the components in an incorrect order or misrepresent their functions. For example, identity validation occurs before permission assignment, not after. Similarly, user action logging is the final step in the process, not an intermediary one.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is identity verification in the context of security frameworks?
Open an interactive chat with Bash
How does permission determination work after identity verification?
Open an interactive chat with Bash
What is the significance of activity monitoring in an access management framework?
Open an interactive chat with Bash
ISC2 CISSP
Identity and Access Management (IAM)
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access