Certified Information Systems Security Professional (CISSP) — Question 295

What is the MOST significant benefit of role-based access control (RBAC)?

Answer options

• A. Reduces inappropriate access
• B. Management of least privilege
• C. Most granular form of access control
• D. Reduction in authorization administration overhead

Correct answer: B

Explanation

The correct answer, B, reflects that RBAC is designed to enforce the principle of least privilege by ensuring users have only the access necessary for their roles. While options A, C, and D describe benefits of RBAC, they do not capture its most critical advantage, which is effective management of user permissions aligned with their job functions.