Which access control model is also called Non-Discretionary Access Control (NDAC)?

A.
Lattice based access control

B.
Mandatory access control

C.
Role-based access control

D.
Label-based access control

Explanation:
Non-discretionary access control is when the system administrator or a single management body within an
organization centrally controls access to all resources for everybody on a network. This type of access control
can be role based or rule based, as both of these prevents users from making access decisions based upon
their own discretion.
Incorrect Answers:
A: Lattice-based Access control is known as a label-based access control, or rule-based access control
restriction.
B: Mandatory Access control is based on a security label system
D: Label-based access control uses one or more security labels to control who has read access or write access
to individual rows and columns in a table

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 220-228
https://en.wikipedia.org/wiki/Lattice-based_access_control
http://www.drdobbs.com/understanding-label-based-access-control/199201852