CompTIA Network+ (N10-008) — Question 99

A network administrator is required to ensure that auditors have read-only access to the system logs, while systems administrators have read and write access to the system logs, and operators have no access to the system logs. The network administrator has configured security groups for each of these functional categories. Which of the following security capabilities will allow the network administrator to maintain these permissions with the LEAST administrative effort?

Answer options

• A. Mandatory access control
• B. User-based permissions
• C. Role-based access
• D. Least privilege

Correct answer: C

Explanation

Role-based access is the best choice because it allows permissions to be assigned based on the role of the user, simplifying the management of access rights. In contrast, mandatory access control and user-based permissions can be more complex and require more administrative effort to maintain, while least privilege is a principle rather than a method of access control.