WGU C845 VUN1 Task 1,2,& 3| Passed on First
Attempt |Latest Update with Complete Solution
This document contains;
❖ WGU C845
❖ VUN1 Task 1,2,& 3
❖ Complete Solution
❖ WGU C845 VUN1
❖ 100% guaranteed pass
❖ WGU C845 VUN1 Task 1,2,& 3
, VUN1 — VUN1 Task 1: Managing Security Operations and Access
Controls
Information Systems Security
Apply an Access Control Model
A.1. Chosen Access Control Model
I have chosen the Role-Based Access Control (RBAC) model. The principles of RBAC are:
• Role Assignment: A user is assigned to a role based on their job function (e.g.,
"Finance Analyst").
• Permission Assignment: Permissions to perform operations on systems are assigned to
roles, not to individual users.
• Session Management: A user activates a role to gain the associated permissions for a session.
• Least Privilege: Users should only have the minimum level of access necessary to
perform their job duties.
The organization's access control structure, as seen in the user matrix, is implicitly role-based (e.g.,
"Finance manager," "HR coordinator"). Applying a formal RBAC model would streamline this by
ensuring permissions are strictly tied to business functions, reducing complexity and the potential
for user error when assigning permissions.
A.2. Four Misalignments with RBAC Principles
1. Misalignment 1: Privilege Escalation Beyond Role Scope
• Description: The "Junior system admin" (J. Lopez) has "Domain admin"
privileges. A junior role should not have the highest level of access in a
Windows environment.
• Conflict with RBAC: This violates the principle of least privilege. The role "Junior
Attempt |Latest Update with Complete Solution
This document contains;
❖ WGU C845
❖ VUN1 Task 1,2,& 3
❖ Complete Solution
❖ WGU C845 VUN1
❖ 100% guaranteed pass
❖ WGU C845 VUN1 Task 1,2,& 3
, VUN1 — VUN1 Task 1: Managing Security Operations and Access
Controls
Information Systems Security
Apply an Access Control Model
A.1. Chosen Access Control Model
I have chosen the Role-Based Access Control (RBAC) model. The principles of RBAC are:
• Role Assignment: A user is assigned to a role based on their job function (e.g.,
"Finance Analyst").
• Permission Assignment: Permissions to perform operations on systems are assigned to
roles, not to individual users.
• Session Management: A user activates a role to gain the associated permissions for a session.
• Least Privilege: Users should only have the minimum level of access necessary to
perform their job duties.
The organization's access control structure, as seen in the user matrix, is implicitly role-based (e.g.,
"Finance manager," "HR coordinator"). Applying a formal RBAC model would streamline this by
ensuring permissions are strictly tied to business functions, reducing complexity and the potential
for user error when assigning permissions.
A.2. Four Misalignments with RBAC Principles
1. Misalignment 1: Privilege Escalation Beyond Role Scope
• Description: The "Junior system admin" (J. Lopez) has "Domain admin"
privileges. A junior role should not have the highest level of access in a
Windows environment.
• Conflict with RBAC: This violates the principle of least privilege. The role "Junior
