Which of the following is a characteristic of mandatory access control (MAC)?

Mandatory access control (MAC) is characterized by the way in which access permissions are set and enforced. In a MAC environment, access to resources is strictly governed by system-wide policies rather than being at the discretion of individual users or resource owners. This means that the system defines who can access what based on predefined security classifications and labels. For instance, users and data can be classified according to levels such as confidential, secret, or top-secret, and users can only access resources that align with their designated classification levels.

This approach enhances security because it minimizes the risk of users circumventing access controls by making access decisions based on user-defined permissions, making it a more rigid and secure model for managing access. This characteristic is particularly important in environments where compliance and security are prioritized, such as in military or governmental contexts.

In contrast, the other options involve access control models that are more flexible and user-centric, allowing more discretion for resource sharing and permissions, which is not a hallmark of mandatory access control systems.