Which of the following methods is based on the user’s roles and responsibilities?
A.
System access control
B.
Role-based access control
C.
Discretionary access control
D.
Mandatory access control
Explanation:
Role-based access control method is based on the user’s roles and responsibilities.
Role-based access control (RBAC) is an access control model. In this model, a user can access
resources according to his role in the
organization. For example, a backup administrator is responsible for taking backups of important
data. Therefore, he is only authorized to
access this data for backing it up. However, sometimes users with different roles need to access the
same resources. This situation can also
be handled using the RBAC model.
Answer C is incorrect. Discretionary access control (DAC) is an access policy determined by the
owner of an object. The owner decides
who should be allowed to access the object and what privileges they should have.
Answer D is incorrect. Mandatory access control uses security lablel system.
Answer A is incorrect. There is no access control method such as System access control.