Free CompTIA Security+ SY0-701 Practice Question

In an organization that employs consultants and permanent staff globally, working on various projects with distinct data access needs, which policy would best enforce access controls that take into account the complexity of roles, location, project assignments, and employment status?

  • Allowing data owners to set privileges based on personal discretion, a common practice in small businesses or startups

  • Enforcing predefined roles for employees that may vary by project, such as in a typical mid-sized enterprise

  • Applying policy that restricts system access to certain times, commonly seen in organizations with a standard day shift operation

  • Implementing a model that adjusts based on user, environment, and resource attributes, such as the one used by a large, global consulting firm

This question's topic:
CompTIA Security+ SY0-701 / 
Security Operations
Your Score:

Check or uncheck an objective to set which questions you will receive.