Define RBAC and ABAC and give an example scenario in data exchange.

Multiple Choice

Explanation:
RBAC grants permissions by role; ABAC uses attributes. In practice, RBAC assigns users to roles and each role has a defined set of permissions, so access depends on the user’s role. ABAC makes decisions based on attributes of the user, the resource, the action, and the environment, allowing more fine-grained and dynamic control.

A data exchange scenario could be: allow read if the user.role is analyst, or if the user.department is legal and the user.clearance is confidential. This illustrates RBAC-style access for a role and ABAC-style checks using additional attributes like department and clearance.

The other options misstate either the concept or the relationship between RBAC and ABAC, or rely on an incomplete description.
