Which statement is correct for a user who holds SECADM authority?

A.
A user who holds SECADM authority can only grant and revoke database object
privileges.

B.
A user who holds SECADM authority can grant and revoke all database level authorities
and database object privileges.

C.
A user who holds SECADM authority can only grant and revoke DBADM and SECADM
database level authorities.

D.
A user who holds SECADM authority can only grant and revoke label based access
control (LBAC) security labels.