For a discretionary access control to be effective, it must:
A、operate within the context of mandatory access controls.
B、operate independently of mandatory access controls.
C、enable users to override mandatory access controls when necessary.
D、be specifically permitted by the security policy.