Which security practice involves granting the minimum privileges necessary to perform a task?

Study for the NetApp Certified Technology Associate NS0-002 Exam. With detailed flashcards and multiple choice questions, including hints and explanations, you'll be well-prepared to ace your exam!

Multiple Choice

Which security practice involves granting the minimum privileges necessary to perform a task?

Explanation:
Restricting a user’s or process’s access to only what is necessary to complete a task is the principle of least privilege. This approach reduces the risk of mistakes or malicious actions by limiting capabilities to what is strictly required, thereby shrinking the attack surface and making accountability easier. In practice, you grant minimal permissions and only elevate them when a justified need arises, using models like RBAC or ABAC to enforce these boundaries. For example, a data analyst might need read access to a dataset but not the ability to modify or delete it, and a service account should not have administrator privileges.

Why the other practices don’t fit: sharing credentials among team members makes it impossible to track who did what and broadens access in ways that aren’t justifiable. Disabling multi-factor authentication weakens the login process and increases the chance of unauthorized access. Reusing the same password across accounts creates a single point of failure; if one account is compromised, others are at risk.
