Which access control method ensures employees do not retain access from old positions when moving to new roles?

Role-based access controls (RBAC) are designed to manage user access based on their roles within an organization. In this access control model, permissions are assigned to specific roles rather than to individual users. This approach ensures that when employees change roles within the organization, their access rights can be adjusted accordingly.

When an employee moves to a new position, the administrator can easily revoke access associated with the old role and assign access relevant to the new role. This systematic approach minimizes the risk of employees retaining permissions that are no longer appropriate, which can lead to security vulnerabilities. By tying access rights directly to roles rather than individuals, RBAC provides a controlled means of managing access across various job functions and circumstances, ensuring that employees only have the access necessary for their current responsibilities.

In contrast, the other options provide different methodologies for access control but do not directly address the issue of managing access during role transitions in the same effective manner that RBAC does.