Which access control policy is enforced when an environment uses groups?
A.
Rule-based
B.
Role-based
C.
Identity-based
D.
Mandatory
Explanation:
Groups and roles work as containers for users. The administrator orsecurity professional creates the roles or groups and assigns rights to them andthen assigns users to the container. The users then inherit the permissions andrights from the containers (roles and groups), which is how implicit permissions areobtained.