An organization needs to restrict access to sensitive data files stored on a network share. They require that only members of the finance department can read and modify these files, and that all access attempts are recorded for auditing purposes. Which of the following methods will BEST meet these requirements?
You selected this option
Implement Role-Based Access Control (RBAC) to assign permissions based on user roles.
You selected this option
Allow file owners to set permissions using Discretionary Access Control (DAC).
You selected this option
Assign permissions to the finance group on the shared folder and enable auditing on the folder.
You selected this option
Use Mandatory Access Control (MAC) to enforce policies based on data classification.
Assigning permissions to the finance group on the shared folder and enabling auditing on the folder will best meet the organization's requirements. This method ensures that only authorized finance department members have the necessary access while providing a record of all access attempts for compliance and monitoring.
Implementing Role-Based Access Control (RBAC) assigns permissions based on roles but may not provide the specific auditing capabilities needed in this scenario. Using Mandatory Access Control (MAC) enforces strict policies based on data classification levels, which can be overly complex and inflexible for the organization’s needs. Allowing file owners to set permissions using Discretionary Access Control (DAC) may lead to inconsistent permission settings and does not guarantee that all access attempts are audited.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the benefits of enabling auditing on a folder?
Open an interactive chat with Bash
What distinguishes Role-Based Access Control (RBAC) from traditional access control methods?
Open an interactive chat with Bash
What is the difference between Discretionary Access Control (DAC) and Mandatory Access Control (MAC)?