Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 45

What is the practice of giving employees only those permissions necessary to perform their specific role within an organization?

Answer options

• A. least privilege
• B. need to know
• C. integrity validation
• D. due diligence

Correct answer: A

Explanation

The principle of least privilege ensures that users have only the access necessary to perform their duties, which minimizes the risk of accidental or malicious misuse of resources. The 'need to know' principle is similar but focuses more on information access rather than system permissions. Integrity validation pertains to ensuring data accuracy, while due diligence refers to the care taken to investigate and evaluate potential risks.