Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 270

Which of these is a defense-in-depth strategy principle?

Answer options

• A. Identify the minimum resource required per employee.
• B. Provide the minimum permissions needed to perform job functions.
• C. Disable administrative accounts to avoid unauthorized changes.
• D. Assign the least network privileges to segment network permissions.

Correct answer: B

Explanation

The correct answer is B, as providing the minimum permissions necessary is a core principle of defense-in-depth, ensuring that users only have access to what they need. Options A, C, and D do not directly align with this strategy; A focuses on resource allocation, C on account management rather than permission levels, and D on network privileges, which, while important, is not as directly related to the principle of least privilege.