Understanding Cisco Cybersecurity Fundamentals (SECFND, legacy) — Question 77

Based on which statement does the discretionary access control security model grant or restrict access?

Answer options

• A. discretion of the system administrator
• B. security policy defined by the owner of an object
• C. security policy defined by the system administrator
• D. role of a user within an organization

Correct answer: B

Explanation

The correct answer is B because in a discretionary access control model, access is determined by the owner of an object who defines the security policy. Options A, C, and D are incorrect as they suggest that access control is based on the administrator's discretion or a user's role, rather than the owner's defined policy.