312-50V11 · Question #587
Least privilege is a security concept that requires that a user is
The correct answer is A. limited to those functions required to do the job.. Least privilege restricts user access to only the permissions and functions necessary to perform their assigned job duties.
Question
Least privilege is a security concept that requires that a user is
Options
- Alimited to those functions required to do the job.
- Bgiven root or administrative privileges.
- Ctrusted to keep all data and access to that data under their sole control.
- Dgiven privileges equal to everyone else in the department.
How the community answered
(32 responses)- A94% (30)
- B3% (1)
- C3% (1)
Why each option
Least privilege restricts user access to only the permissions and functions necessary to perform their assigned job duties.
The principle of least privilege mandates that each user, process, or system component be granted only the minimum access rights required to accomplish its legitimate tasks. This limits the potential damage from accidents, errors, or unauthorized use by reducing the attack surface. Restricting users to functions required for their role is the foundational definition of this principle.
Granting root or administrative privileges is the opposite of least privilege, as it provides far more access than most roles require.
Sole control over data by a single user does not reflect least privilege - it describes a lack of oversight and could enable insider threats.
Equalizing privileges across a department ignores individual role requirements and may grant users more access than their specific job functions demand.
Concept tested: Principle of least privilege access control
Source: https://csrc.nist.gov/glossary/term/least_privilege
Topics
Community Discussion
No community discussion yet for this question.