A system administrator needs to implement a control that ensures users can only access files necessary for their job functions. Which principle is being applied?
Trap 1: Need-to-know
Need-to-know restricts access to information required for a specific task, but least privilege is broader.
Trap 2: Separation of duties
Separation of duties divides critical tasks among multiple people; it is not about minimum access.
Trap 3: Job rotation
Job rotation moves employees across roles to reduce fraud risk; it is not about access levels.
- A
Need-to-know
Why wrong: Need-to-know restricts access to information required for a specific task, but least privilege is broader.
- B
Separation of duties
Why wrong: Separation of duties divides critical tasks among multiple people; it is not about minimum access.
- C
Job rotation
Why wrong: Job rotation moves employees across roles to reduce fraud risk; it is not about access levels.
- D
Least privilege
Least privilege ensures users have only the permissions necessary to perform their job.