CompTIA Security Exam Practice Questions Sample SY0 501 Q276

A security administrator wants to implement a company-wide policy to empower data owners to manage and enforce access control rules on various resources.
Which of the following should be implemented?

A. Mandatory access control
B. Discretionary access control
C. Role based access control
D. Rule-based access control

Correct Answer: B