Based on which statement does the discretionary access control security model grant or restrict access ?
A. discretion of the system administrator
B. security policy defined by the owner of an object
C. security policy defined by the system administrator
D. role of a user within an organization
Its B
“The term DAC is commonly used in contexts that assume that every object has an owner that controls the permissions to access the object, probably because many systems do implement DAC using the concept of an owner.”
https://en.wikipedia.org/wiki/Discretionary_access_control
B is the right one.
Discretionary access control (DAC) is a type of security access control that grants or restricts object access via an access policy determined by an object’s owner group and/or subjects. DAC mechanism controls are defined by user identification with supplied credentials during authentication, such as username and password. DACs are discretionary because the subject (owner) can transfer authenticated objects or information access to other users. In other words, the owner determines object access privileges.
It’s B, D is non-discretionary access.
I think its “D” object owner sets only the security permissions not the security policy
B option means: the owner of file defines his own security policy (permissions).
You are almost right on your explanation, but maybe “security policy” confuses you