Which principle enforces the idea that accounts should have the minimal level of access necessary?

Prepare for the CompTIA Tech+ (FC0-U71) Exam. Study with flashcards, multiple-choice questions, hints, and explanations to increase your exam readiness and confidence.

Multiple Choice

Which principle enforces the idea that accounts should have the minimal level of access necessary?

Explanation:
Granting only the permissions needed to perform a task is the idea here. This least privilege approach reduces risk by preventing accounts from accessing resources or performing actions beyond what is truly required, so a compromised or misused account can cause less damage. Need-to-know focuses on access to specific data based on necessity, not on the overall level of system permissions. Defense in depth is about layering multiple security controls to protect assets, rather than limiting each account’s access. The term least privilege model is the standard way to describe the practice of granting minimal rights, though some might refer to it as the minimal access principle; the established term is least privilege. Implementing it involves defining roles with only the necessary privileges, applying strict file, process, and network permissions, and regularly reviewing and trimming privileges as duties change.

