Free CompTIA Security+ SY0-701 Practice Question

Mandatory Access Control is the correct answer because it's a model where access to resources is governed by a strict policy dictated by a central authority. It is most appropriate in environments such as governmental or military institutions where security classification and clearance levels must be rigorously enforced. Discretionary Access Control allows resource owners to make access decisions, which could lead to inconsistent enforcement of a uniform security policy. Role-Based Access Control grants access based on a user's role within an organization and does not typically consider individual clearance levels or data classification. While Attribute-Based Access Control uses a comprehensive set of policies that evaluate attributes, it is not inherently focused on adhering to fixed classifications and clearance levels in the same way that Mandatory Access Control does.