Comprehensive and Detailed Explanation From Exact Extract:

Pega’s Client-Based Access Control (CBAC), as outlined in Pega Academy’sSecurity Missionand thePega Certified Lead System Architect Study Guide, is designed to comply with data privacy regulations like GDPR by managing customer requests for data access, modification, or deletion. It focuses on processing these requests efficiently and securely.

Option A (Incorrect): CBAC does not automate user authentication or login processes. Authentication is handled by mechanisms like SSO or LDAP, per theAuthenticationmodule.

Option B (Incorrect): CBAC does not ensure data encryption, which is managed by Pega’s database and infrastructure security features (e.g., encryption at rest), as noted in theData Securityguidelines.

Option C (Correct): CBAC tracks and processes customer requests to view, update, or delete personal data, ensuring compliance with regulations like GDPR. This is its primary function, as documented in theClient-Based Access Controlsection of Pega Community.

Option D (Incorrect): While CBAC may influence authorization design, its primary role is processing data requests, not defining authorization policies, per theAccess Controlmodule.