Authorization

Correct Answer: Role-Based Access Control (RBAC)

Role-Based Access Control (RBAC) is the correct answer. This type of access control allows a company to set access permissions based on the roles of individual users within the network. It’s ideal for companies where many employees have the same job role and need access to the same information. Role-Based Access Control is efficient and scalable, as permissions can be assigned or revoked in large groups rather than individually Rule-Based Access Control is incorrect because it uses conditions for granting access and is not primarily based on the position or assigned tasks of employees. Mandatory Access Control (MAC) is incorrect because it restricts users to access resources based on information classification and clearance level, which is more suitable in a military setting, not a typical company with differing job roles and tasks Discretionary Access Control (DAC) is also incorrect because it allows the owner of the data or resource to control who gets what kind of access, but it doesn't work well for a company with many employees and various assigned tasks because it would require the owner to manually assign permissions frequently.

Correct Answer: Assign the user to the relevant security group.

The right procedure to grant a new user access to a specific group on the network is to assign the user to the relevant security group. This process enables the user to have all the permissions and rights that the group possesses, therefore facilitating access to the required resources. Assigning a new access control list (ACL) to the user is incorrect as ACLs control traffic and determine permissions for files not users. Assigning the user to a distribution list is also erroneous because distribution lists are used for email communications, not network access permissions. Finally, allocating a new IP address to the user would not be the correct approach since having an IP address does not automatically grant specific network group permissions.

Correct Answer: Implement proper file and folder permissions.

The best measure to prevent an employee from unintentionally accessing another employee's files is by implementing proper file and folder permissions. This will ensure that only authorized personnel can access specific files, which helps in maintaining confidentiality and integrity of data. Training the employees on physical security or blocking all file-sharing websites won't necessarily prevent accidental access to others' files in the same system. Similarly, configuring for remote access doesn't solve the issue but might add another layer of security concern if not handled properly.