What does assigning access based on job classification and function mean?

Prepare for the PCI Data Security Standard Test with our quiz. Use flashcards and multiple-choice questions to learn each concept. Get ready to excel in your examination!

Multiple Choice

What does assigning access based on job classification and function mean?

Explanation:
Granting access by role means giving permissions based on a person’s job classification and the functions they perform. In PCI DSS terms, this supports restricting access to cardholder data by business need-to-know and applying least privilege: people get only what they need to do their jobs, nothing more. This approach makes security stronger because it reduces exposure of sensitive data and helps manage changes when someone shifts roles. It also keeps administration organized since permissions align with defined responsibilities. The other options miss the essential idea: giving everyone the same access ignores role boundaries, while linking access to mood or random distribution has no relation to job requirements or security controls.

