Isaca CDPSE Exam - Topic 5 Question 78 Discussion

Actual exam question for Isaca's CDPSE exam
Question #: 78
Topic #: 5

A multi-national organization has decided that regional human resources (HR) team members must be limited in their access to employee data only within their regional office. Which of the following is the BEST approach?

Suggested Answer: B

Attribute-based access control (ABAC) is the best approach for limiting the access of regional HR team members to employee data only within their regional office, because it allows for fine-grained and dynamic access control based on attributes of the subject, object, environment, and action. Attributes are characteristics or properties that can be used to describe or identify entities, such as users, resources, locations, roles, or permissions. ABAC uses policies and rules that evaluate the attributes and grant or deny access accordingly. For example, an ABAC policy could state that a user can access an employee record if and only if the user's role is HR and the user's region matches the employee's region. This way, the access control can be tailored to the specific needs and context of the organization, without relying on predefined or fixed access levels.
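The example policy above, written as a small deny-by-default policy check (an added illustration, not part of the original explanation). The attribute names, the allowed action set and the sample users and records are assumptions constructed for this example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:
    subject: dict    # attributes of the user making the request
    resource: dict   # attributes of the employee record
    action: str      # operation requested, e.g. "read"

ALLOWED_ACTIONS = {"read", "update"}  # assumed action set, not from the page

def hr_same_region(req: Request) -> bool:
    """Rule from the text: role is HR and user's region matches the record's region."""
    region = req.subject.get("region")
    return (
        req.subject.get("role") == "HR"
        and req.resource.get("type") == "employee_record"
        and req.action in ALLOWED_ACTIONS
        and region is not None  # fail closed: None == None must never count as a match
        and region == req.resource.get("region")
    )

POLICIES = [hr_same_region]

def decide(req: Request) -> str:
    """Policy decision point: deny unless some policy explicitly permits."""
    return "Permit" if any(policy(req) for policy in POLICIES) else "Deny"

def visible_records(subject: dict, records: list) -> list:
    """IDs of the records the subject may read."""
    return [r["id"] for r in records if decide(Request(subject, r, "read")) == "Permit"]

# Constructed sample data
RECORDS = [
    {"id": "E-100", "type": "employee_record", "region": "EMEA"},
    {"id": "E-200", "type": "employee_record", "region": "APAC"},
    {"id": "E-300", "type": "employee_record"},  # region attribute missing
]
EMEA_HR = {"name": "hr-emea", "role": "HR", "region": "EMEA"}
APAC_ENG = {"name": "eng-apac", "role": "Engineer", "region": "APAC"}
HR_NO_REGION = {"name": "hr-new", "role": "HR"}  # not yet assigned a region

if __name__ == "__main__":
    for user in (EMEA_HR, APAC_ENG, HR_NO_REGION):
        print(user["name"], visible_records(user, RECORDS))
```

The decision depends only on attribute values at request time, so moving an HR user to another region changes what they can see without touching any per-user permission list.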


Carin
2 days ago
I feel like ABAC could be a good fit since it considers attributes, but I'm not entirely sure how it would apply here.
upvoted 0 times
Kenny
7 days ago
I remember studying access control models, and I think DAC might allow too much flexibility for regional teams.
upvoted 0 times