Certified Information Systems Security Professional (CISSP) — Question 421
An organization would like to implement an authorization mechanism that would simplify the assignment of various system access permissions for many users with similar job responsibilities. Which type of authorization mechanism would be the BEST choice for the organization to implement?
Answer options
- A. Role-based access control (RBAC)
- B. Discretionary access control (DAC)
- C. Content-dependent access control
- D. Rule-based access control
Correct answer: A
Explanation
Role-based access control (RBAC) is ideal for managing permissions based on job roles, allowing for efficient permission assignment across users with similar responsibilities. Discretionary access control (DAC) and content-dependent access control do not provide the same level of simplification for managing multiple users with shared job functions, while rule-based access control focuses on specific rules rather than roles.