CompTIA Cloud+ (CV1-003) — Question 54

A cloud administrator is reviewing the authentication and authorization mechanism implemented within the cloud environment. Upon review, the administrator discovers the sales group is part of the finance group, and the sales team members can access the financial application. Single sign-on is also implemented, which makes access much easier.
Which of the following access control rules should be changed?

Answer options

• A. Discretionary-based
• B. Attribute-based
• C. Mandatory-based
• D. Role-based

Correct answer: D

Explanation

The correct answer is D, Role-based, because the sales team should not have access to financial applications unless their role specifically permits it. Discretionary, Attribute-based, and Mandatory access controls do not directly address the specific role-based access issue presented in this scenario.