Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) — Question 899

Which design principle states that a user has no access by default to any resource, and unless a resource is explicitly granted, it should be denied?

Answer options

Correct answer: B

Explanation

The correct answer, fail-safe defaults, means that resources are denied access unless permission is specifically given. Least privilege allows users to have the minimum necessary access, economy of mechanism emphasizes simplicity in design, and complete mediation requires all accesses to be checked, which does not inherently imply default denial.