In an organization where there are frequent personnel changes, non-discretionary access control using Role Based Access Control (RBAC) is useful because:
Practise this CISSP question free, then download the PDF, watch the video walkthrough, or unlock timed mock exams for the full web bank.
Athe access controls are often based on the individual's role or title within the organization
Bpeople need not use discretion
Cthe access controls are not based on the individual's role or title within the organization
Dthe access controls are based on the individual's role or title within the organization.
✓ Correct answer: D. the access controls are based on the individual's role or title within the organization.With Non-Discretionary Access Control, a central authority determines what subjects can have access to certain objects based on the organizational security policy. The access controls may be based on the individual’s role in the organization (role-based access control) or the subject’s responsibilities and duties (taskbased access control). In an organization where there are frequent personnel changes, non-discretionary access control is useful because the access controls are based on the individual’s role or title within the organization. These access controls do not need to be changed whenever a new person takes over that role.
Keep practising. Use the free CISSP PDF, watch the YouTube walkthrough, or unlock all 10 web questions with timed mock exams.
Free practice here. Timed mocks when you are ready.
Study the CISSP Exam Prep 2026 Test free question explanations, download the PDF, then unlock timed mock exams on the web when you want exam-day practice.