Correct Answer: ABD
Explanation/Reference:
The primary way of authorizing a user or group in vSphere is the vCenter Server permissions. Depending on the task you want to perform, you might require other authorization.
vSphere 6.0 and later allows privileged users to give other users permissions to perform tasks in the following ways. These approaches are, for the most part, mutually exclusive; however, you can assign use global permissions to authorize certain users for all solution, and local vCenter Server permissions to authorize other users for individual vCenter Server systems.
Reference:
https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.security.doc%2FGUID-74F53189-EF41-4AC1-A78E-D25621855800.html
Global Permissions
Groups in the vsphere.local Domain