CompTIA Network+ (N10-008) — Question 823

A systems operator is granted access to a monitoring application, configuration application, and timekeeping application. The operator is denied access to the financial and project management applications by the system's security configuration. Which of the following BEST describes the security principle in use?

Answer options

• A. Network access control
• B. Least privilege
• C. Multifactor authentication
• D. Separation of duties

Correct answer: B

Explanation

The correct answer is 'Least privilege' because the operator is only granted access to the applications necessary for their role, while access to sensitive applications is restricted. The other options do not accurately describe this situation; 'Network access control' pertains to managing network access, 'Multifactor authentication' involves verifying user identity, and 'Separation of duties' focuses on dividing responsibilities to reduce risk.