Role-based access control .

A.
Is unique to mandatory access control

B.
Is independent of owner input

C.
Is based on user job functions

D.
Can be compromised by inheritance

Explanation:
C: A role-based access control (RBA) model bases the access control authorizations on the roles (or functions) that the user is assigned within an organization. The determination of what roles have access to a resource can be governed by the owner of the data, as with DACs, or applied based on policy, as with MACs. Page 120.