Certified Information Systems Security Professional – CISSP – Question333

Why is planning the MOST critical phase of a Role Based Access Control (RBAC) implementation?

A.
The criteria for measuring risk is defined.
B. User populations to be assigned to each role is determined.
C. Role mining to define common access patterns is performed.
D. The foundational criteria are defined.

Correct Answer: B