DA0-002 · Question #43
DA0-002 Question #43: Real Exam Question with Answer & Explanation
The correct answer is D: Least privilege. The practice of granting users only the minimum necessary permissions to perform their duties and nothing more is known as the principle of least privilege.
Question
A company gives users adequate data access permissions to allow them to fulfill their duties but nothing more. Which of the following concepts best describes this practice?
Options
- AActive Directory
- BHierarchical access
- CZero Trust
- DLeast privilege
Explanation
The practice of granting users only the minimum necessary permissions to perform their duties and nothing more is known as the principle of least privilege.
Common mistakes.
- A. Active Directory is a directory service used for managing users, computers, and other network resources, but it is a tool, not the concept describing this access practice.
- B. Hierarchical access refers to a structured permission model where access rights might cascade down a hierarchy, but it doesn't specifically define the "nothing more" aspect.
- C. Zero Trust is a broader security model that assumes no implicit trust and verifies every access request, but "least privilege" is a fundamental principle within a Zero Trust architecture, not the overarching description of granting "nothing more."
Concept tested. Principle of least privilege
Reference. https://learn.microsoft.com/en-us/azure/active-directory/develop/secure-least-privileged-access
Topics
Community Discussion
No community discussion yet for this question.