When planning RBAC implementation, what is a best practice for managing computer groups?

The selection of identifying sets of endpoints for management based on criteria like geography reflects a best practice in Role-Based Access Control (RBAC) implementation. This approach allows for more granular control over access and permissions, ensuring that user roles and responsibilities align with specific regions or locations within the organization.

By organizing computer groups according to geographical criteria, organizations can tailor their management strategies to address local regulatory requirements, operational needs, and user permissions effectively. This method enhances efficiency as it allows for specific policy applications, compliance adherence, and targeted resource allocation that would be difficult to achieve with a more generalized grouping strategy.

In contrast, other options do not promote effective management of computer groups. For instance, grouping all endpoints into one main group may lead to security risks, as it does not allow for differentiated access based on varying needs and roles. Similarly, using a single criterion for grouping without exceptions would limit flexibility and could overlook important factors that influence how endpoints should be managed. Creating groups based on the company's revenue is less relevant, as it does not directly relate to endpoint management efficiency or access control. Focusing on geographical criteria is therefore a structured approach that aligns with best practices for RBAC implementation.