Which model uses administrator-managed ACLs to provide user permissions based on job functions?

Prepare for the Information Security Principles and Frameworks Test. Enhance your understanding with detailed questions, hints, and explanations. Ace your exam with confidence!

Multiple Choice

Explanation:
Mapping permissions to roles based on job functions is the essence of Role-Based Access Control (RBAC). In this model, administrators define roles that align with what a particular job function needs, assign the appropriate permissions to those roles, and then grant users access by assigning them to the relevant roles. This centralizes control, makes it easier to enforce least privilege, and simplifies updates when someone moves to a different function: the user inherits the permissions of the new role rather than having permissions changed one by one. The administrator manages both the role-to-permission mappings and the user-to-role assignments, ensuring access reflects responsibilities.

The other models work differently: Discretionary Access Control (DAC) lets owners grant access at their discretion, Mandatory Access Control (MAC) enforces a system-wide mandatory policy using security labels, and Attribute-Based Access Control (ABAC) makes decisions based on user, resource, and environment attributes.