CompTIA Security+ (SY0-501) — Question 225
A security administrator wants to implement a company-wide policy to empower data owners to manage and enforce access control rules on various resources.
Which of the following should be implemented?
Answer options
- A. Mandatory access control
- B. Discretionary access control
- C. Role based access control
- D. Rule-based access control
Correct answer: B
Explanation
The correct answer is B, Discretionary access control, as it allows data owners to make decisions on who can access their resources. Mandatory access control (A) restricts access based on predefined rules and cannot be altered by data owners. Role-based access control (C) assigns permissions based on roles rather than individual ownership, and rule-based access control (D) applies rules irrespective of the data owner’s preferences.