The principle of least privilege requires giving each user or process only the specific rights needed to perform its legitimate duties: no more, no less. Option A expresses this directly.
Why the other options are incorrect:
Option B describes the opposite approach, granting broad administrative rights by default and then removing them, which increases risk and contradicts least-privilege guidance.
Option C still provides unnecessary access (read-only to every system), exceeding what most users need.
Option D denies all access, making the system unusable for legitimate work; least privilege seeks the minimum necessary access, not zero access.
ISC2 CISSP
Security Architecture and Engineering