Users require access to a certain server depending on their job function. Which of the following would be
the MOST appropriate strategy for securing the server?

A. Common access card
B. Role based access control
C. Discretionary access control
D. Mandatory access control

Explanation:
Role-based access control (RBAC) is based on a user’s job description. When a user is assigned a specific
role in an environment, that user’s access to objects is granted based on the tasks that role requires.

Incorrect Answers:
A: Smart cards are credit-card-sized IDs, badges, or security passes with an embedded integrated circuit
chip. Common Access Cards (CACs) are the U.S. government and military version of a smart card.
C: Discretionary access control (DAC) allows access to be granted or restricted by an object’s owner based
on user identity and on the discretion of the object owner. It does not rely on job function.
D: Mandatory Access Control allows access to be granted or restricted based on the rules of classification.
It does not rely on job function.
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 278-284