CompTIA Security+ (SY0-501) — Question 262

A group of developers is collaborating to write software for a company. The developers need to work in subgroups and control who has access to their modules.
Which of the following access control methods is considered user-centric?

Answer options

• A. Time-based
• B. Mandatory
• C. Rule-based
• D. Discretionary

Correct answer: D

Explanation

The correct answer is D, Discretionary, because it allows users to grant or restrict access to their own resources, aligning with user-centric control. The other options, such as Mandatory, Rule-based, and Time-based, impose restrictions that do not prioritize individual user control.