A user reports being unable to access a file on a network share. The security administrator determines that the file is marked as confidential and that the user does
not have the appropriate access level for that file. Which of the following is being implemented?

A.
Mandatory access control

B.
Discretionary access control

C.
Rule based access control

D.
Role based access control

Explanation:
Mandatory Access Control (MAC) allows access to be granted or restricted based on the rules of classification. MAC in corporate business environments involve
the following four sensitivity levels
Public
Sensitive
Private
Confidential
MAC assigns subjects a clearance level and assigns objects a sensitivity label. The name of the clearance level must be the same as the name of the sensitivity
label assigned to objects or resources. In this case the file is marked confidential, and the user does not have that clearance level and cannot access the file.
Incorrect Answers:
B: Discretionary access control (DAC) allows access to be granted or restricted by an object’s owner based on user identity and on the discretion of the object
owner, not on its clearance level.
C: Rule-based access control is used for network devices that filter traffic based on filtering rules.
D: Role-based Access Control is basically based on a user’s job description.