Role-based access control (RBAC) is the correct answer, as it is a method of restricting network access based on the roles of individual users within an organization. RBAC ensures that users are only granted the access necessary to perform their job functions, which aligns with the principle of least privilege. Using RBAC, system administrators can be given permissions to configure network devices, while network analysts have more limited access, consistent with their analysis role. Mandatory Access Control (MAC) and Discretionary Access Control (DAC) are different models and do not provide the functionality to assign permissions based on job roles. Attribute-based access control (ABAC) can be more complex, using policies that evaluate a combination of attributes, which may not be necessary when roles are clearly defined as in the given scenario.