CompTIA Security Plus Mock Test Q1000

A company plans to expand by hiring new engineers who work in highly specialized areas. Each engineer will have very different job requirements and use unique tools and applications in their job. Which of the following is MOST appropriate to use?

A. Role-based privileges
B. Credential management
C. User assigned privileges
D. User access


Correct Answer: A
Section: Access Control and Identity Management

Explanation:
In this question, we have engineers who require different tools and applications according to their specialized job function. We can therefore use the Role-Based Access Control model.
Role-Based Access Control (RBAC) models approach the problem of access control based on established roles in an organization. RBAC models implement access by job function or by responsibility. Each employee has one or more roles that allow access to specific information. If a person moves from one role to another, the access for the previous role will no longer be available.
Instead of thinking “Denise needs to be able to edit files,” RBAC uses the logic “Editors need to be able to edit files” and “Denise is a member of the Editors group.” This model is always good for use in an environment in which there is high employee turnover.

Incorrect Answers:
B: Credential management is the management or storage of usernames and passwords. Credential management is not used to assign privileges or software configurations. Therefore, this answer is incorrect.
C: We could use user assigned privileges. However, this involves configuring privileges on a per-user basis. Every time a new engineer starts, you would have to configure that engineer's privileges. Therefore, this answer is incorrect.
D: User access is a generic term, not a specific configuration. We need to configure user access, but the other answers define how the user access is configured. Therefore, this answer is incorrect.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 151-152