Certified Information Security Manager (CISM) — Question 799

Security administration efforts will be greatly reduced following the deployment of which of the following techniques?

Answer options

• A. Access control lists
• B. Distributed access control
• C. Discretionary access control
• D. Role-based access control

Correct answer: D

Explanation

Role-based access control (RBAC) simplifies security administration by assigning permissions based on user roles rather than individual user accounts, reducing complexity. In contrast, access control lists, distributed access control, and discretionary access control require more granular management, leading to increased administrative overhead.