Which access control model provides role-based permissions?

  A. Discretionary Access Control (DAC)
  B. Mandatory Access Control (MAC)
  C. Role-Based Access Control (RBAC) ✓
  D. Access Control Lists (ACLs)

Correct answer: Role-Based Access Control (RBAC)

Option C is correct because Role-Based Access Control (RBAC) assigns permissions to defined roles rather than to individual users, and users acquire permissions by being assigned to those roles, which simplifies administration at scale. Option A is incorrect because Discretionary Access Control (DAC) allows resource owners to grant or revoke access at their own discretion, making it owner-driven rather than role-driven. Option B is incorrect because Mandatory Access Control (MAC) enforces access based on classification labels and clearance levels set by a central authority, not on roles. Option D is incorrect because Access Control Lists (ACLs) are a mechanism for specifying permissions on individual objects and can be used within DAC or other models, but they are not themselves an access control model that provides role-based permissions.

Topic: rbac, access control models, cissp, identity and access management
