Simplifying Access Control for Networks and User Permissions

D.

Access control is a security mechanism used to regulate access to resources or data in a system. There are various types of access control mechanisms, including Rule-based access control, Role-based access control, Mandatory access control, and Discretionary access control.

In this scenario, the organization wants to simplify access control and provide users with the ability to determine what permissions should be applied to files, documents, and directories. Therefore, the access control method that BEST satisfies these objectives is Discretionary access control (DACL).

Discretionary access control allows the owner of a resource to determine who can access the resource and what level of access they have. It provides the owner with the discretion to grant or deny access to their resources to other users or groups. The owner can also modify the access rights granted to a user at any time.

In contrast to other access control methods, such as Rule-based access control, Role-based access control, and Mandatory access control, Discretionary access control provides a more flexible approach to access control.

Rule-based access control defines access rules based on predefined conditions. Role-based access control assigns permissions to users based on their roles or job functions. Mandatory access control applies a predefined set of rules to all users and resources in the system.

In summary, Discretionary access control is the most appropriate access control method for the organization's objectives because it simplifies access control and provides users with the ability to determine what permissions should be applied to files, documents, and directories.