Which statement best describes the relationship between roles and groups in permission assignment?

In this permission setup, groups and roles both carry the power to grant access, and they can work together. A group is a collection of users who share a set of permissions. You can assign those permissions directly to the group, so everyone in the group inherits them. At the same time, you can also use roles to bundle a separate set of permissions and assign that role to users or to the group. When a group has its own permissions and is also associated with a role, the group members gain access from both sources, giving a flexible and scalable way to manage who can do what. For example, a group responsible for DNS tasks might have certain read or write permissions directly granted to the group. If that same group is also linked to a role that provides broader administrative rights, members receive both the group’s direct permissions and the role-based permissions. This dual pathway—permissions granted to groups and permissions granted via roles—best describes how permissions flow and why both constructs are useful together.