Answer-first summary for fast verification
Answer: Users should be granted permission to access only resources they need to do their assigned job
## Explanation The principle of least privilege means giving users only the minimum permissions necessary to perform their specific job functions. **Why Option B is correct:** - This directly implements the principle of least privilege by granting access only to resources needed for assigned tasks - It minimizes security risks by reducing the attack surface - It prevents accidental or intentional misuse of unnecessary privileges **Why other options are incorrect:** - **Option A**: Granting access to all AWS services violates the principle by providing excessive permissions - **Option C**: While documentation is good practice, it doesn't inherently implement the principle of least privilege - **Option D**: Providing extra access "just in case" directly contradicts the principle of least privilege **Key Takeaway:** The principle of least privilege is a fundamental security concept that helps reduce security risks by limiting user permissions to only what is absolutely necessary for their specific role.
Author: Ritesh Yadav
Ultimate access to all questions.
No comments yet.
Which of the following is an example of the principle of least privilege?
A
Users should be granted access to all AWS services to use basic AWS services
B
Users should be granted permission to access only resources they need to do their assigned job
C
Users should submit all access requests in written so that there is a paper trail of who needs access to different AWS resources
D
Users should always have a little more access granted to them than they need, just in case they end up needing it in the future