Which access control method allows the data owner (the person who created the file) to control access to the
information they own?

A.
DAC – Discretionary Access Control

B.
MAC – Mandatory Access Control

C.
RBAC – Role-Based Access Control

D.
NDAC – Non-Discretionary Access Control

Explanation:
Access in a DAC model is restricted based on the authorization granted to the users. Users are, therefore,
allowed to identify the type of access that can occur to the objects they own.
Incorrect Answers:
B: Mandatory access control (MAC) is an access policy that restricts access to objects based on the security
clearance of a subject and the classification of an object.C: Role-based access control (RBAC) provides access to resources according to the role the user holds within
the company or the tasks that the user has been assigned.
D: Non-discretionary access control is when the system administrator or a single management body within an
organization centrally controls access to all resources for everybody on a network.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 220-228
http://www.answers.com/Q/What_is_Non_discretionary_access_control