Access Control and Privilege Management Questions

Demonstrate knowledge and practical approaches to designing, implementing, and operating access control for data platforms. Cover models such as role based access control and attribute based access control and explain when each model is appropriate. Describe technical controls including database roles and grants, policies for row level security and column level masking, use of views or stored procedures to enforce access constraints, and integration with identity providers and directory services for centralized authentication and authorization. Address operational practices such as the principle of least privilege, separation of duties, periodic access reviews, temporary access workflows, privileged access management, audit logging, monitoring of privilege use, and remediation of excessive privileges. Explain how access control choices interact with compliance requirements, data classification, and encryption and key management.