Fortify Your Cyber Fortress: Conquer the 2026 NDE Practice Exam! 🚀🔐

The correct answer is Mandatory Access Control. This model is characterized by its use of fixed policies that dictate access permissions determined by the system and not by the individual users. In Mandatory Access Control (MAC), access rights are assigned based on multiple levels of security clearance and data classification. This means that once a user is granted access to a system, they operate under the constraints established by these policies without any ability to alter permissions.

This model is particularly useful in environments that require stringent security measures, such as government or military organizations, where controlling access to sensitive information is paramount. Users cannot make changes that would influence access rights, thereby ensuring a consistent enforcement of security policies across the system.

In contrast, Role-Based Access Control (RBAC) allows permissions to be assigned based on user roles, which can involve user input for role assignments. Discretionary Access Control (DAC) lets users manage permissions for resources at their discretion, allowing flexibility that also includes user input. Role-based authorization is a concept related to RBAC but does not constitute a distinct access control model. Therefore, MAC stands out as the model where permissions are strictly determined by the system without user involvement.