A security analyst discovers that an employee's workstation has been infected with ransomware. Which security principle has been directly violated?
Trap 1: Availability
Ransomware affects availability, but the direct violation is least privilege.
Trap 2: Separation of duties
Separation of duties prevents fraud, not ransomware.
Trap 3: Defense in depth
Defense in depth is a strategy, not a principle directly violated.
- A
Availability
Why wrong: Ransomware affects availability, but the direct violation is least privilege.
- B
Least privilege
Correct. The user likely had excessive permissions.
- C
Separation of duties
Why wrong: Separation of duties prevents fraud, not ransomware.
- D
Defense in depth
Why wrong: Defense in depth is a strategy, not a principle directly violated.