data labeling

in Security+
Which of the following access controls enforces persmissions based on data labeling at specific levels?
A Mandatory access control
B Separation of duties access control
C Discretionary access control
D Role based access control
I am a little confused why the answer is 'A' , looks the 'D' is better ? thanks
A Mandatory access control
B Separation of duties access control
C Discretionary access control
D Role based access control
I am a little confused why the answer is 'A' , looks the 'D' is better ? thanks
Comments
B is a distraction answer. It is more of a policy issue that a technical permissions issue.
C is when a data owner decides who has access.
D is based on roles or groups (typically an LDAP environment like Active Directory) i.e. IT Staff Group, Accounting Group, HR Group
Masters of Science in Digital Forensics (University of Central Florida)