Exam CISSP topic 1 question 61 discussion

Actual exam question from ISC's CISSP
Question #: 61
Topic #: 1

What is the MOST significant benefit of role-based access control (RBAC)?

  • A. Reduces inappropriate access
  • B. Management of least privilege
  • C. Most granular form of access control
  • D. Reduction in authorization administration overhead
Suggested Answer: B

Comments

Cww1
Highly Voted 2 years, 3 months ago
given answer is correct
upvoted 12 times
jackdryan
1 year, 7 months ago
D is correct
upvoted 2 times
...
...
Bach1968
Highly Voted 1 year, 5 months ago
Selected Answer: B
The MOST significant benefit of role-based access control (RBAC) is: B. Management of least privilege.
RBAC is a widely adopted access control model that provides several benefits, but the management of least privilege is considered its most significant advantage. RBAC ensures that users are assigned only the privileges necessary to perform their specific job functions, known as the principle of least privilege.
By implementing RBAC, organizations can minimize the risk of inappropriate access and unauthorized actions. Users are granted access rights based on predefined roles that align with their responsibilities, eliminating unnecessary privileges that could be exploited. This helps to reduce the attack surface and potential impact of security incidents.
While RBAC also offers other benefits, such as reducing administrative overhead and providing a structured and scalable access control framework, the management of least privilege is considered the most significant because it directly addresses the principle of granting users the minimal privileges required to perform their tasks effectively and securely.
P.S. Do not forget segregation of duties.
upvoted 9 times
...
Fouad777
Most Recent 3 days, 21 hours ago
Selected Answer: D
Role-Based Access Control (RBAC) is a model for managing user permissions based on their role within an organization. The key advantage of RBAC is that it simplifies access control by grouping permissions into roles and assigning those roles to users, rather than managing individual permissions for each user.
Why Option D is Correct:
Reduction in authorization administration overhead is the most significant benefit of RBAC because it allows for easier management of user access. Instead of assigning individual permissions to each user, administrators can assign users to roles, and those roles automatically inherit the appropriate permissions. This significantly reduces the administrative burden and ensures consistency in access management.
As the organization grows, managing individual permissions becomes more complex and error-prone. RBAC simplifies this by reducing the number of direct assignments needed and ensuring that users only have access to the resources required for their roles.
upvoted 1 times
...
Ramye
6 months, 1 week ago
Selected Answer: B
You do not authorize someone some permission/role for reducing administration overhead. Least privilege always needs to be considered.
upvoted 1 times
...
CCNPWILL
8 months, 2 weeks ago
Selected Answer: B
B. Having a role will put the allowed priv already for the user. Easier to manage.
upvoted 1 times
...
73f8ac3
8 months, 4 weeks ago
Selected Answer: D
D. RBAC does not guarantee you give the least privilege. It allows you not to spend too much time doing it. Least privilege is an objective, but RBAC does not guarantee it!
upvoted 3 times
deeden
4 months, 3 weeks ago
I think you're right. It sounds to me like RBAC guarantees uniformity and consistency based on roles, but not necessarily least privilege. Reduction of admin overhead is the prime advantage.
upvoted 1 times
...
deeden
4 months, 3 weeks ago
You could potentially use RBAC to give all analysts roles access to engineering, which they don't really need. It's not a benefit, but more like a use/misuse case.
upvoted 1 times
...
...
Hongjun
9 months, 4 weeks ago
Selected Answer: B
Refer to CISSP 9th official guide chapter 14 page 157. RBAC helps to implement the 'least privilege' policy.
upvoted 3 times
...
OriginalDragon
10 months, 3 weeks ago
Selected Answer: D
Going with D here, managing least privilege is a subset of admin overhead
upvoted 2 times
dm808
9 months ago
100% agree! And all access controls should manage least privilege, either by design or by admin overhead.
upvoted 1 times
...
...
Soleandheel
1 year ago
B. Management of least privilege
upvoted 1 times
...
Zonas
1 year ago
I choose D
upvoted 1 times
...
homeysl
1 year, 2 months ago
Selected Answer: B
B is the correct answer
upvoted 1 times
...
Moose01
1 year, 2 months ago
D. Management and admin overhead work is reduced by placing ten thousand users into one group if they all need to have access to a particular object. RBAC is not granular access level; that is where DAC comes into play, providing special access to a specific user or group granted by the data owner. D is the correct answer.
upvoted 3 times
...
Okwy
1 year, 4 months ago
Selected Answer: B
Page 684 of OSG 9th edition
upvoted 4 times
...
HughJassole
1 year, 6 months ago
D. This question asks for the most significant benefit of RBAC. I searched a lot and didn't find a single site that listed anything besides D as a benefit. A sounds good but I didn't see it anywhere, so D.
upvoted 1 times
...
Azurefox79
1 year, 8 months ago
Selected Answer: B
It's B. You are taking a security certification so, while D is a benefit, it's not the BEST.
upvoted 2 times
...
JohnyDal
1 year, 11 months ago
Selected Answer: D
Should be D because it mentions about the benefit (not an objective) of the RBAC. An objective of the RBAC is to utilize the least privilege principle. And "Think like a manager" also requires us to think about the managerial benefit first which is reducing admin overhead by utilizing abstraction and the principle of least priv. So D
upvoted 2 times
...
Dee83
1 year, 11 months ago
B. Management of least privilege.
The most significant benefit of role-based access control (RBAC) is the management of least privilege. Least privilege is the practice of limiting access to the minimum set of privileges required to perform a specific job or task. In RBAC, users are assigned roles, and roles are assigned the least set of privileges necessary to perform their functions. This approach helps to prevent inappropriate access by ensuring that users are only able to access the resources and perform the actions that they need to do their jobs. Additionally, it makes it easier to manage access control by reducing the need to manage permissions at the individual user level.
upvoted 3 times
...