Which of the following should the customer implement to ensure authorisation to systems is granted when the user and system classification properties match?

A customer is migrating applications to the cloud and wants to grant authorization based on the classification levels of each system.

Which of the following should the customer implement to ensure authorisation to systems is granted when the user and system classification properties match? (Select two).
A . Resource tagging
B . Discretionary access control
C . Multifactor authentication
D . Role-based access control
E . Token-based authentication
F . Bastion host

View Answer

Answer: B, D

Explanation:

Discretionary Access Control (DAC) and Role-Based Access Control (RBAC) are effective methods for granting authorization based on system classification levels. DAC allows resource owners to grant access rights, making it flexible for environments with varying classification levels. RBAC assigns permissions based on roles within an organization, aligning access rights with the user’s job functions and ensuring that users access only what is necessary for their role, which can be mapped to system classifications.

Reference: CompTIA Cloud+ content covers various access control models, emphasizing the importance of implementing appropriate security measures that align with organizational policies and classification levels to ensure secure and authorized access to cloud systems.