CompTIA Security Plus Mock Test Q902

A company hired Joe, an accountant. The IT administrator will need to create a new account for Joe. The company uses groups for ease of management and administration of user accounts. Joe will need network access to all directories, folders and files within the accounting department. Which of the following configurations will meet the requirements?

A. Create a user account and assign the user account to the accounting group.
B. Create an account with role-based access control for accounting.
C. Create a user account with password reset and notify Joe of the account creation.
D. Create two accounts: a user account and an account with full network administration rights.


Correct Answer: B
Section: Access Control and Identity Management

Explanation:
Role-based Access Control is basically based on a user’s job description. When a user is assigned a specific role in an environment, that user’s access to objects is granted based on
the required tasks of that role. The IT administrator should, therefore, create an account with role-based access control for accounting for Joe.

Incorrect Answers:
A: Assigning Joe’s user account to the accounting group will not necessarily allow Joe the required access, as different users require different access.
C: Creating a user account with password reset will not allow Joe the required access, as permissions still have to be granted.
D: Doing this will give Joe more rights than is required.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 82, 280