James, the lead system administrator, has successfully integrated the organization’s Active Directory to handle user...

The scenario highlights a distinction between user roles and data-level permissions . While Role-Based Access Control (RBAC) has already been implemented (e.g., "User" and "Viewer"), the issue arises because users with the same role can access data that should be restricted based on content sensitivity or domain ownership .

The requirement is to limit access to specific datasets (e.g., financial forecasts) without altering the user’s overall role. This is addressed by Data Access controls , which enforce fine-grained permissions at the data level. These controls determine what specific information a user can retrieve, often based on attributes such as department, data classification, or context.

Other options are less suitable:

Content filtering typically restricts inappropriate or unsafe content generation, not access to internal datasets.

Role-based Access is already in place and is too coarse-grained for this issue.

Feature Controls manage access to system functionalities, not underlying data visibility.

CAIPM emphasizes that secure AI systems require multi-layered access control , where high-level roles are complemented by granular data-level restrictions to prevent unauthorized data exposure.

Therefore, the correct answer is Data Access , as it directly addresses the need for fine-grained control over what information users can retrieve.