A network administrator is setting up access control for highly sensitive financial records that should be accessible only to the company's executive team. Which of the following methods would be the most appropriate to enforce strict access based on predefined permissions and roles?
Role-Based Access Control (RBAC) is the most suitable choice because it assigns permissions according to the roles that users hold within an organization. In this scenario, a single role such as "executive" can be granted the necessary rights, ensuring that only those users can see the records.
Mandatory Access Control (MAC) is highly secure and label-oriented but is designed around fixed classification levels and can be cumbersome to adjust for changing organizational roles.
Discretionary Access Control (DAC) leaves permission decisions to resource owners, which is more flexible but less stringent and can lead to accidental over-sharing.
Attribute-Based Access Control (ABAC) offers very fine-grained, attribute-driven policies, but that level of complexity is unnecessary when a straightforward role assignment meets the requirements.
Therefore, RBAC best matches the need for role-centric, easily managed restrictions.