What security model implies a central authority that determines what subjects can have access to
what objects?
A.
Centralized access control
B.
Discretionary access control
C.
Mandatory access control
D.
Non-discretionary access control
Explanation:
A role-based access control (RBAC) model, also called nondiscretionary access
control, uses a centrally administrated set of controls to determine how subjects and objects
interact. – Shon Harris, “CISSP All-in-One Exam Guide”, 3rd Ed, p 165.