(ISC)2 Certified in Cybersecurity Practice Exam

Prepare for the (ISC)2 Certified in Cybersecurity Exam with comprehensive quizzes and extensive question banks. Enhance your skills with detailed explanations and practice tests designed to improve your expertise for the certification exam. Get exam-ready now!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Which access control method ensures employees do not retain access from old positions when moving to new roles?

  1. Role-based access controls (RBAC)

  2. Mandatory access controls (MAC)

  3. Discretionary access controls (DAC)

  4. Logging

The correct answer is: Role-based access controls (RBAC)

Role-based access controls (RBAC) manage user access based on roles within an organization. In this access control model, permissions are assigned to specific roles rather than to individual users, so when employees change roles their access rights can be adjusted accordingly. When an employee moves to a new position, the administrator can easily revoke the access associated with the old role and assign the access relevant to the new role. This systematic approach minimizes the risk of employees retaining permissions that are no longer appropriate, which can lead to security vulnerabilities.

By tying access rights directly to roles rather than individuals, RBAC provides a controlled means of managing access across various job functions and circumstances, ensuring that employees have only the access necessary for their current responsibilities. In contrast, the other options provide different methodologies for access control but do not address the management of access during role transitions as directly or effectively as RBAC does.