CompTIA Security+ (SY0-501) — Question 325
A security administrator needs to configure remote access to a file share so it can only be accessed between the hours of 9:00 a.m. and 5:00 p.m. Files in the share can only be accessed by members of the same department as the data owner. Users should only be able to create files with approved extensions, which may differ by department. Which of the following access controls would be the MOST appropriate for this situation?
Answer options
- A. RBAC
- B. MAC
- C. ABAC
- D. DAC
Correct answer: C
Explanation
The most appropriate access control for this scenario is ABAC (Attribute-Based Access Control), as it allows for fine-grained access control based on attributes such as time, department, and file extension. RBAC (Role-Based Access Control) is less flexible in this context because it does not account for the specific attributes needed for file access restrictions. MAC (Mandatory Access Control) and DAC (Discretionary Access Control) also do not provide the necessary level of customization required for department-specific file extension restrictions.