Which access model is most appropriate for companies with a high employee turnover?

A.
Role-based access control

B.
Mandatory access control

C.
Lattice-based access control

D.
Discretionary access control

Explanation:
A Role-based access control (RBAC) model is the BEST system for a company whose staff renewal rate is
high. For example, if an employee who is mapped to a certain role leaves the company, then his replacement
can be easily mapped to this role. This results in the administrator not having to continually change the ACLs on
the individual objects.
Incorrect Answers:
B: Mandatory Access control is considered nondiscretionary and is based on a security label system
C: Lattice-based Access control is known as a label-based access control, or rule-based access control
restriction.
D: Discretionary Access Control (DAC) allows data owners to dictate what subjects have access to the files and
resources they own.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 220-228
https://en.wikipedia.org/wiki/Lattice-based_access_control