Answer-first summary for fast verification
Answer: Always apply the minimal access level required
The principle of least privilege advocates for always applying the minimal access level required. This approach enhances security by limiting access rights for users to the bare minimum necessary to perform their tasks. Additionally, it's recommended to use groups as a best practice, control who can change policies and group memberships, enforce audit policy changes, and enable audit logs to record project-level permission changes.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
What is considered a best practice in the context of the 'Principle of least privilege' within IAM? (Select One)
A
Never control who can change policies and group memberships at the organizational level
B
Always apply the minimal access level required
C
Never control who can change policies and group memberships at the project level
D
Always apply the maximum access level required
No comments yet.