ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-005 All Questions

View all questions & answers for the CAS-005 exam
Go to Exam

Exam CAS-005 topic 1 question 29 discussion

Actual exam question from CompTIA's CAS-005
Question #: 29
Topic #: 1
[All CAS-005 Questions]

An organization wants to implement an access control system based on its data classification policy that includes the following data types:

Confidential -

Restricted -

Internal -

Public Flag for Review -
The access control system should support SSO federation to map users into groups. Each group should only access systems that process and store data at the classification assigned to the group. Which of the following should the organization implement to enforce its requirements with a minimal impact to systems and resources?

  • A. A tagging strategy in which all resources are assigned a tag based on the data classification type, and a system that enforces attribute-based access control
  • B. Role-based access control that maps data types to internal roles, which are defined in the human resources department's source of truth system
  • C. Network microsegmentation based on data types, and a network access control system enforcing mandatory access control based on the user principal
  • D. A rule-based access control strategy enforced by the SSO system with rules managed by the internal LDAP and applied on a per-system basis
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by vicbersong at April 25, 2025, 1:04 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
vicbersong
1 week, 6 days ago
Selected Answer: A
To enforce the organization's requirements with minimal impact to systems and resources, Option A seems to be the most suitable choice: A. A tagging strategy in which all resources are assigned a tag based on the data classification type, and a system that enforces attribute-based access control Here's why: Tagging Strategy: Assigning tags based on data classification types allows for flexible and scalable management of resources. Attribute-Based Access Control (ABAC): This approach can dynamically enforce access policies based on attributes, such as user roles, data classification, and other contextual information. It supports fine-grained access control and can be integrated with SSO federation to map users into groups. This method ensures that each group can only access systems that process and store data at the classification assigned to the group, aligning with the organization's data classification policy.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago