CompTIA Security+ (SY0-501) — Question 372

A systems administrator has created network file shares for each department with associated security groups for each role within the organization.
Which of the following security concepts is the systems administrator implementing?

Answer options

• A. Separation of duties
• B. Permission auditing
• C. Least privilege
• D. Standard naming conversation

Correct answer: C

Explanation

The correct answer is 'Least privilege' because the administrator is granting access to files based on roles, ensuring users only have the permissions necessary for their job functions. 'Separation of duties' refers to dividing tasks among different individuals to reduce risk, which is not the focus here. 'Permission auditing' involves reviewing permissions, and 'Standard naming conversation' pertains to naming conventions, neither of which apply to the scenario described.