Certified Cloud Security Professional (CCSP) — Question 457

Identity and access management (IAM) is a security discipline that ensures which of the following?

Answer options

• A. That all users are properly authorized
• B. That the right individual gets access to the right resources at the right time for the right reasons.
• C. That all users are properly authenticated
• D. That unauthorized users will get access to the right resources at the right time for the right reasons

Correct answer: B

Explanation

The correct answer, B, highlights the objective of IAM to ensure that access is granted to the right person under the right circumstances. Option A focuses on authorization but does not encompass the timing and reasons for access. Option C emphasizes authentication, which is necessary but not sufficient for the complete IAM goal. Option D contradicts IAM principles by stating that unauthorized users gain access.