CompTIA Security+ (SY0-501) — Question 306

An organization is trying to decide which type of access control is most appropriate for the network. The current access control approach is too complex and requires significant overhead.
Management would like to simplify the access control and provide user with the ability to determine what permissions should be applied to files, document, and directories. The access control method that BEST satisfies these objectives is:

Answer options

• A. Rule-based access control
• B. Role-based access control
• C. Mandatory access control
• D. Discretionary access control

Correct answer: D

Explanation

Discretionary access control (DAC) allows users to control permissions on their own files and directories, making it a user-friendly option that aligns with the organization's desire for simplicity. In contrast, Rule-based access control and Role-based access control add layers of complexity, while Mandatory access control is rigid and does not permit user discretion, making them unsuitable for the specified objectives.