What security model implies a central authority that determines what subjects can have access to
what objects?
A.
Centralized access control
B.
Discretionary access control
C.
Mandatory access control
D.
Non-discretionary access control
Explanation:
A role-based access control (RBAC) model, also called nondiscretionary access control, uses a
centrally administrated set of controls to determine how subjects and objects interact. – Shon
Harris, “CISSP All-in-One Exam Guide”, 3rd Ed, p 165.