🛡️ Free practice test question from: MAC (Security+)

Mandatory Access Control (MAC) is the correct answer. MAC systems use a centralized authority (usually the system administrator) to assign security labels (classifications) to data and security clearances to users. Access is granted based on these labels and clearances, regardless of the owner's wishes. This is commonly used in high-security environments like government and military.

Discretionary Access Control (DAC): In DAC, the owner of the data has the discretion to grant or deny access to others. This is the traditional model used in most common operating systems.

Role-Based Access Control (RBAC): RBAC assigns permissions to roles (e.g., "administrator," "editor," "viewer"), and users are assigned to those roles. While there's some central management of roles, it's not based on security labels and clearances like MAC.

Attribute-Based Access Control (ABAC): ABAC uses attributes of users, resources, and the environment to determine access. While it can be centrally managed, it's more flexible and fine-grained than MAC, and doesn't rely on the same strict clearance/labeling system.