CompTIA Exam Questions

Which of the following is MOST appropriate to use?

A company plans to expand by hiring new engineers who work in highly specialized areas. Each engineer
will have very different job requirements and use unique tools and applications in their job. Which of the
following is MOST appropriate to use?

A. Role-based privileges

B. Credential management

C. User assigned privileges

D. User access

Explanation:
In this question, we have engineers who require different tools and applications according to their
specialized job function. We can therefore use the Role-Based Access Control model.
Role-Based Access Control (RBAC) models approach the problem of access control based on established
roles in an organization. RBAC models implement access by job function or by responsibility. Each
employee has one or more roles that allow access to specific information. If a person moves from one
role to another, the access for the previous role will no longer be available.
Instead of thinking “Denise needs to be able to edit files,” RBAC uses the logic “Editors need to be able to
edit files” and “Denise is a member of the Editors group.” This model is always good for use in an
environment in which there is high employee turnover.
Incorrect Answers:
B: Credential management is the management or storage of usernames and passwords. Credential
management is not used to assign privileges or software configurations. Therefore, this answer is
incorrect.
C: We could use user assigned privileges. However, this involves configuring privileges on a per-user basis.
Every time a new engineer starts, you would have to configure that engineer's privileges. Therefore, this answer is
incorrect.
D: User access is a generic term, not a specific configuration. We need to configure user access but other
answers define how the user access is configured. Therefore, this answer is incorrect.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 151-152