The IT department has set up a share point site to be used on the intranet. Security has established the groups
and permissions on the site. No one may modify the permissions and all requests for access are centrally
managed by the security team.
Which of the following control types is this an example of?
Rule based access control
Mandatory access control
User assigned privilege
Discretionary access control
Discretionary access control (DAC) allows access to be granted or restricted by an object’s owner based on
user identity and on the discretion of the object owner.