
CompTIA Security+ (Plus): What Principle Does Role-Based Access Control (RBAC) Follow?

What principle does role-based access control (RBAC) follow in cybersecurity? Learn how RBAC assigns permissions based on job roles, supporting least privilege and efficient access management—essential for CompTIA Security+ (Plus) SY0-701 exam success.

Question

A company uses role-based access control (RBAC). What principle does this model follow?

A. Users can modify their own access privileges
B. Users receive permissions based on their job roles
C. Users must be approved by multiple managers for access
D. Users authenticate only once using single sign-on (SSO)
E. Users receive temporary access by default

Answer

B. Users receive permissions based on their job roles

Explanation

RBAC grants permissions based on a user’s job function, minimizing unnecessary access.

Role-based access control (RBAC) follows the principle that users receive permissions based on their job roles.

RBAC is an access control model that assigns permissions to users according to their roles within an organization, rather than on an individual basis. A role represents a collection of permissions needed to perform specific job functions, such as administrator, HR specialist, or data analyst.

This approach ensures that users have access only to the resources necessary for their responsibilities, supporting the principle of least privilege and reducing the risk of unauthorized access or over-permissioned accounts.

When an employee’s job changes, their access can be easily modified by updating their assigned role, streamlining access management and maintaining security.
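The role-to-permission mapping and the job-change case described above, as an added example that is not part of the original page. The role names come from the explanation; the permission strings, user names and the `RBAC` class are assumptions made for illustration.

```python
"""Minimal RBAC model: permissions attach to roles, users only hold roles."""

# Constructed sample data: permission strings are illustrative assumptions.
ROLE_PERMISSIONS = {
    "administrator": {"user:create", "user:delete", "system:configure"},
    "hr_specialist": {"employee_record:read", "employee_record:update"},
    "data_analyst": {"report:read", "dataset:query"},
}


class RBAC:
    def __init__(self, role_permissions):
        # Freeze each permission set so a role cannot be edited through a user.
        self._role_permissions = {r: frozenset(p) for r, p in role_permissions.items()}
        self._user_roles = {}  # user name -> set of role names

    def _require_role(self, role):
        if role not in self._role_permissions:
            raise KeyError(f"unknown role: {role}")

    def assign_role(self, user, role):
        self._require_role(role)
        self._user_roles.setdefault(user, set()).add(role)

    def change_role(self, user, new_role):
        """Job change: replace the old roles so their permissions do not linger."""
        self._require_role(new_role)
        self._user_roles[user] = {new_role}

    def permissions(self, user):
        """Effective permissions are the union over the user's assigned roles."""
        perms = set()
        for role in self._user_roles.get(user, ()):
            perms |= self._role_permissions[role]
        return perms

    def is_allowed(self, user, permission):
        # Deny by default: unknown users and unlisted permissions get no access.
        return permission in self.permissions(user)


def demo():
    rbac = RBAC(ROLE_PERMISSIONS)
    rbac.assign_role("alice", "hr_specialist")
    before = rbac.is_allowed("alice", "employee_record:update")
    rbac.change_role("alice", "data_analyst")  # alice moves from HR to analytics
    after = rbac.is_allowed("alice", "employee_record:update")
    return before, after, sorted(rbac.permissions("alice"))
```

Because no permission is ever granted to a user directly, changing the role is the only step needed to remove the HR access.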

RBAC is widely adopted in organizations to simplify permission management, enhance data protection, and support regulatory compliance by ensuring that only authorized users can access sensitive information and systems.

RBAC assigns access rights according to organizational roles, ensuring users have only the permissions needed for their specific job functions, which enhances security and operational efficiency.
