Which of the following describes Discretionary Access Control (DAC)?

Discretionary Access Control (DAC) is defined by the principle that access permissions are granted at the discretion of the owner or creator of the resource. This means that individuals who create files or resources have the authority to control who can access them and what actions they can perform (such as read, write, or execute). This level of control allows for flexibility and customization of access rights based on the creator's preferences or requirements.

The approach is inherently user-driven, enabling resource owners to delegate access to others as they see fit. Owners can choose to give access to specific users or groups, reflecting a more personal and subjective method of granting permissions compared to other access control models. In contrast, other options highlight different access control mechanisms: characteristics of the subject, organizational policies, or strict rules, which do not align with the discretionary nature of DAC.