Correct Answer: C
Power Platform provides out-of-the-box security roles that are Position-specific, like Salesperson. If users required some specific access needs for the Salesperson, they could use the Salesperson role as a basic role and make security access modifications. But in this case, you will create a specific role for one person. Such an approach is not efficient and, on a large scale, can make security roles management difficult.
As a Solution Architect, you have three strategies for defining the security roles: Position-specific, Baseline + Position, and Baseline + Capability.
The position-specific approach is based on the creation of a single role specifically for the position. The Power Platform’s out-of-the-box set of typical roles, like the Salesperson, are position based.
Another approach is to define the baseline for all employees or department teams. First, you can select a Basic User role for a baseline role. Then, you can define the security access for certain positions on top of the baseline role, like the baseline + additional security settings for a field engineer position. Suppose you have a specific group (e.g., mobile field engineer) that requires additional capabilities, like mobile access. In that case, you can add another layer on top of the previous layer (e.g., field engineer). Therefore, you need to use the Baseline+Capability approach for the mobile field engineers.
All other options are incorrect.
For more information about the strategies for security roles definitions, please visit the below URLs:
https://docs.microsoft.com/en-us/learn/modules/model-security/4-dataverse