Which model assigns access rights to roles rather than individuals?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Prepare for the Certified Identity and Access Manager Exam using flashcards and multiple-choice questions. Gain insights into the exam format, practice with real-world scenarios, and ensure your success in becoming a certified professional.

Multiple Choice

Which model assigns access rights to roles rather than individuals?

Explanation:
Role-based access control assigns access rights to roles, not to individuals. In this model, permissions are organized into roles that reflect specific job functions. A user gains access by being assigned one or more roles, so changing a user’s privileges is as simple as updating their role membership rather than editing permissions on each resource. This approach promotes consistency, simplifies administration, and helps enforce separation of duties as people move between roles. Security labels focus on tagging data with sensitivity levels rather than assigning permissions to users or roles. Transaction-based Rights isn’t a standard access-control model for role assignment, and the Need-to-Know Principle is a guiding restriction rather than a mechanism for assigning permissions to roles, though RBAC can implement it within role definitions.

Role-based access control assigns access rights to roles, not to individuals. In this model, permissions are organized into roles that reflect specific job functions. A user gains access by being assigned one or more roles, so changing a user’s privileges is as simple as updating their role membership rather than editing permissions on each resource. This approach promotes consistency, simplifies administration, and helps enforce separation of duties as people move between roles.

Security labels focus on tagging data with sensitivity levels rather than assigning permissions to users or roles. Transaction-based Rights isn’t a standard access-control model for role assignment, and the Need-to-Know Principle is a guiding restriction rather than a mechanism for assigning permissions to roles, though RBAC can implement it within role definitions.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy