CISM Certified Information Security Manager – Question0945 - CISM Certified Information Security Manager

Of the following, the BEST method for ensuring that temporary employees do not receive excessive access rights is:

A. mandatory access controls.
B. discretionary access controls.
C. lattice-based access controls.
D. role-based access controls.

Correct Answer: D

Explanation:

Explanation:
Role-based access controls will grant temporary employee access based on the job function to be performed. This provides a better means of ensuring that the access is not more or less than what is required. Discretionary, mandatory and lattice-based access controls are all security models, hut they do not address the issue of temporary employees as well as role-based access controls.