What type of access model uses administrative roles for grouping users?

The correct choice refers to Role-Based Access Control (RBAC), which is a security mechanism that assigns permissions to users based on their role within an organization. In an RBAC model, users are grouped according to their job functions or responsibilities, which simplifies the management of access rights. For example, an employee in a specific department may have access to files and applications necessary for their duties, while personnel in other departments do not, even if they work in the same organization.

By leveraging administrative roles, RBAC streamlines the process of assigning and managing permissions. When a user’s role changes, administrators can easily adjust access levels without needing to change permissions on an individual basis. This model enhances security by ensuring users only have the access necessary for their roles, reducing the risk of unauthorized access to sensitive information.

In contrast, the other access models differ in their approach to user permissions. Attribute-Based Access Control (ABAC) relies on the attributes of the user, the environment, and the resource to make dynamic access decisions. Discretionary Access Control (DAC) allows users to manage and share their permissions at their discretion, while Mandatory Access Control (MAC) enforces strict policies determined by a central authority, with little to no user discretion to alter access rights