What is Role-Based Access Control (RBAC)?
D1 ยท General ยท CompTIA Security+ SY0-701RBAC (Role-Based Access Control) assigns permissions to roles rather than individual users. Users are then assigned to roles based on their job function, inheriting all the permissions of that role.
Example: All members of the "Accounting" role have read/write access to financial systems. All "HR" role members have access to HR data. New employee gets assigned to a role โ automatically gets correct permissions.
Benefits: easier administration, least privilege enforcement, consistent access policies.
Example: All members of the "Accounting" role have read/write access to financial systems. All "HR" role members have access to HR data. New employee gets assigned to a role โ automatically gets correct permissions.
Benefits: easier administration, least privilege enforcement, consistent access policies.
RBAC is the most common enterprise access control model. It simplifies administration โ change the role's permissions once, affects all users in that role. Compare: DAC (owner decides), MAC (system decides, labels), ABAC (policy based on attributes โ most granular). On the exam, RBAC = job-based roles.