Which security principle requires that each user, application, or service be granted only the minimum set of permissions needed to perform its job functions within an organization?
Grant only the minimum permissions necessary to perform required tasks
Provide full administrative rights to expedite user activities
Periodically rotate elevated privileges among staff members
Deny all access until a formal escalation ticket is approved
The correct answer is "Grant only the minimum permissions necessary" because the Principle of Least Privilege limits access rights to what is strictly required, reducing the potential damage from accidents or compromise. Granting full administrative rights contradicts this principle and greatly increases risk. Denying all access until an escalation ticket is approved describes a restrictive workflow control, not least privilege. Rotating privileges among staff may help with cross-training but does not embody the core idea of keeping each subject's access narrowly scoped.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does it mean to clarify customer statements?
Open an interactive chat with Bash
Why is active listening important in customer service?
Open an interactive chat with Bash
What other techniques can be used to handle an upset customer?