RBAC Conflicts

in Security+
I am currently using a Thompson book (from school) and the Exam Cram 2 book to help me study for the Security+ Cert. I have run into an issue where the 2 book contradict themselves. When using RBAC as an access control model, one of the books states that a user can only be assigned a single role, and the other book states that a user may be assigned multiple roles. This isn't a misunderstanding, but a clear contradiction. My question, which is correct? Can a user be assigned multiple roles in an RBAC environment, or are they limited to a single role?
Thanks,
LB
Thanks,
LB
Degree: Liberty University - B.S Computer Science (In Progress)
Current Certs: CCENT | MCTS | Network+
Currently Working On: Security+
Current Certs: CCENT | MCTS | Network+
Currently Working On: Security+
2020 Goals: CCNA, CCNP Security, Linux+
Comments
Here is the Access Control section: http://techexams.net/technotes/securityplus/mac_dac_rbac.shtml
Here is all (and more) you ever wanted to know about RBAC from the NIST (National Institute of Standards and Technology) site:
http://csrc.nist.gov/groups/SNS/rbac/
I do have another question. What practice tests are people using that they believe most accurately represent the real exam? I am using this site, free-exams.com, and preplogic for now. I am getting consistent grades in the low to mid 80's. But last night I took a Transcender exam, and got 60%. It was loaded with questions relating to things I have never heard of, from college classes, Thompson books, Exam Cram books, or Sybex. I know Transcender used to be the one to use for Microsoft exams, but I don't know about Security+.
Thanks a lot for the help, and I look forward to hear what others think about practice tests.
LB
Current Certs: CCENT | MCTS | Network+
Currently Working On: Security+
Current Certs: CCENT | MCTS | Network+
Currently Working On: Security+