What determines if an organization is going to operate under a discretionary,mandatory, or nondiscretionary access control model?
A.
Administrator
B.
Security policy
C.
Culture
D.
Security levels
Explanation:
The security policy will set the tone for the whole security program.It will dictate the level of risk the management and company is willing to acceptand this will in turn dictate the type of controls and mechanisms that are to be putinto place to ensure that this level of risk is not exceeded.