A large company wants to ensure that individuals who perform specific tasks are granted privileges that match their responsibilities while preventing unneeded data access. Which option best meets these requirements?
Require a standardized data use agreement for everyone, offering similar privileges to each individual
Place each department in a shared group and grant consistent permissions to each member
Create custom permissions for each new project and apply them to everyone involved
Identify each employee’s job function and assign them a particular set of permissions that corresponds to their responsibilities
Granting rights based on job function is the most effective way to tailor access according to responsibilities. Department-based or project-based permissions can cause inconsistencies, and requiring a standardized agreement without permission distinctions does not restrict confidential data. By aligning privileges to each job function, managers safeguard access to sensitive information while ensuring those who need specific resources can still perform their work effectively.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the principle of least privilege (PoLP)?
Open an interactive chat with Bash
How does role-based access control (RBAC) help manage permissions?
Open an interactive chat with Bash
What are the risks of not assigning permissions based on job function?