Certificate of Cloud Auditing Knowledge (CCAK) — Question 72

A large organization with subsidiaries in multiple locations has a business requirement to organize IT systems to have identified resources reside in particular locations with organizational personnel. Which access control method will allow IT personnel to be segregated across the various locations?

Answer options

• A. Role Based Access Control
• B. Attribute Based Access Control
• C. Policy Based Access Control
• D. Rule Based Access Control

Correct answer: B

Explanation

Attribute Based Access Control (ABAC) is ideal for this scenario as it allows access permissions to be granted based on various attributes, including location and organizational role, thus facilitating resource allocation across different sites. In contrast, Role Based Access Control (RBAC) relies on predefined roles which may not provide the necessary granularity for location-specific access. Policy Based Access Control (PBAC) and Rule Based Access Control (RBAC) also lack the flexibility needed for this multi-location requirement.