A new administrative assistant joins a company, and their responsibilities include scheduling meetings, managing emails, and editing documents in a specific shared folder. When setting up their user account, which approach BEST follows the principle of least privilege?
Provide access to all company shared folders to encourage information sharing.
Assign administrator permissions to the account to prevent any future access issues.
Clone the permissions from the department manager's account.
Assign standard user permissions with access only to the shared folder required for their duties.
The principle of least privilege dictates that users should only be granted the minimum permissions necessary to perform their job duties. In this scenario, the administrative assistant needs standard user permissions and access only to the specific folder required for their work. Granting administrator rights, access to all folders, or the same permissions as a manager would provide excessive access, violating this principle and increasing security risks.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does the principle of least privilege mean in cybersecurity?
Open an interactive chat with Bash
Why is it important to follow the principle of least privilege?
Open an interactive chat with Bash
How can excessive permissions become a security risk?