CompTIA Security+ (SY0-701) — Question 579

Which of the following should be used to ensure a user has the permissions needed to effectively do an assigned job role?

Answer options

• A. Changing default passwords
• B. Implementing least privilege
• C. Enforcing baseline configurations
• D. Applying network segmentation

Correct answer: B

Explanation

The correct answer is B, as implementing least privilege ensures that users only have the permissions necessary for their job, minimizing the risk of unauthorized access. Changing default passwords (A) improves security but does not directly address permission levels. Enforcing baseline configurations (C) and applying network segmentation (D) are security measures that do not specifically ensure user permissions align with job roles.