CompTIA Security+ SY0-701 Practice Question
A company's IT department is implementing a new web application that will store sensitive customer information. As part of the design, they need to ensure appropriate user access to data within the application. Which of the following methods is MOST effective in restricting access to the data based on a user's role within the company?
Requiring username and password authentication for application logins
Using MAC to assign classification labels to data
RBAC
Allowing DAC where users control access to their data