CompTIA Security+ SY0-701 Practice Question
An organization needs to restrict access to sensitive data files stored on a network share. They require that only members of the finance department can read and modify these files, and that all access attempts are recorded for auditing purposes. Which of the following methods will BEST meet these requirements?
Assign permissions to the finance group on the shared folder and enable auditing on the folder.
Use Mandatory Access Control (MAC) to enforce policies based on data classification.
Allow file owners to set permissions using Discretionary Access Control (DAC).
Implement Role-Based Access Control (RBAC) to assign permissions based on user roles.