Which access control type would give a system administrator the ability to assign access according to least privilege?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Enhance your skills for the CompTIA Cloud+ exam. Prepare with interactive quizzes, detailed explanations, and real exam simulations. Set the stage for your cloud certification success!

Multiple Choice

Which access control type would give a system administrator the ability to assign access according to least privilege?

Explanation:
Least privilege is most effectively implemented through role-based access control. In RBAC, permissions are tied to defined roles rather than to individual users, and users are granted those roles based on their job responsibilities. This setup ensures each person receives only the permissions needed to perform their duties, making it easier to enforce the minimum-access principle and to manage changes in roles over time. It also simplifies auditing and supports separation of duties by controlling which roles can operate together. Discretionary access control gives owners the power to grant access at their discretion, which can lead to inconsistent application of least privilege and broader access than necessary. Mandatory access control relies on centralized labels and clearances, which is rigid and not inherently aligned with everyday job functions. Rule-based access control applies policies and conditions to access decisions, but it doesn’t inherently map permissions to stable job roles for enforcing least privilege.

Least privilege is most effectively implemented through role-based access control. In RBAC, permissions are tied to defined roles rather than to individual users, and users are granted those roles based on their job responsibilities. This setup ensures each person receives only the permissions needed to perform their duties, making it easier to enforce the minimum-access principle and to manage changes in roles over time. It also simplifies auditing and supports separation of duties by controlling which roles can operate together.

Discretionary access control gives owners the power to grant access at their discretion, which can lead to inconsistent application of least privilege and broader access than necessary. Mandatory access control relies on centralized labels and clearances, which is rigid and not inherently aligned with everyday job functions. Rule-based access control applies policies and conditions to access decisions, but it doesn’t inherently map permissions to stable job roles for enforcing least privilege.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy