CompTIA Security+ (SY0-601) — Question 834

A systems administrator needs to implement an access control scheme that will allow an object's access policy to be determined by its owner. Which of the following access control schemes BEST fits the requirements?

Answer options

• A. Role-based access control
• B. Discretionary access control
• C. Mandatory access control
• D. Attribute-based access control

Correct answer: B

Explanation

The correct answer is B, Discretionary access control (DAC), because it allows the owner of an object to dictate who can access it. In contrast, Role-based access control (A) assigns permissions based on user roles, Mandatory access control (C) enforces access policies that cannot be altered by users, and Attribute-based access control (D) uses attributes for access decisions, which does not give ownership control.