A security administrator implements access controls based on the security classification of the data and needto-know information. Which of the following BEST describes this level of access control?

A.
Implicit deny

B.
Role-based Access Control

C.
Mandatory Access Controls

D.
Least privilege

Explanation:
Mandatory Access Control allows access to be granted or restricted based on the rules of classification. MAC
also includes the use of need to know. Need to know is a security restriction where some objects are restricted
unless the subject has a need to know them.