CompTIA Cloud+ Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Study for the CompTIA Cloud+ Test with our comprehensive material. Use interactive quizzes and detailed explanations to get ready for your certification exam!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What type of access control should be implemented when defining tasks for users and groups in a hybrid cloud?

  1. Mandatory access control

  2. Nondiscretionary

  3. Role-based

  4. Multifactor

The correct answer is: Role-based

The correct answer is role-based access control (RBAC), which is particularly effective in a hybrid cloud environment where multiple types of users and varying levels of access rights must be defined. In an RBAC model, access rights are assigned based on the roles assigned to each user or group. This means that permissions are structured around roles that take into account the tasks that users perform, simplifying the management of user permissions across different cloud environments. Implementing RBAC in a hybrid cloud ensures that users can only access the resources necessary for their job functions. This restriction not only enhances security by limiting unnecessary access but also streamlines user management. For instance, if an organization hires new employees, administrators can simply assign the appropriate role to these users based on their job responsibilities, automatically granting them access to all the resources associated with that role. In contrast, mandatory access control (MAC) is typically more rigid and enforced by the system, making it less practical for dynamic environments like a hybrid cloud. Nondiscretionary access control also has its limitations, as it might not provide the granularity needed for diverse user roles. Multifactor authentication is a security measure rather than an access control model, focusing on verifying user identity rather than managing access rights based on roles.

More Questions Like This