A company enforces role-based access control (RBAC) to ensure employees can only access information related to their job duties. Which AAA category does this apply to?

Authentication refers to the process of verifying a user's identity, typically through credentials like passwords or biometric data. While authentication is a crucial component of security, it does not govern the permissions or access levels assigned to users, which is the primary function of authorization.

Accounting, in the context of AAA, deals with tracking user activities and resource usage. It involves logging and monitoring actions taken by users within a system to create an audit trail. Although important for security oversight, accounting does not determine access levels or permissions, which is the focus of authorization.

Auditing refers to the examination and evaluation of records and logs to ensure compliance with policies and regulations. While auditing assesses whether access controls are effective after the fact, it does not define or control what users are permitted to access, which is the role of authorization within RBAC.