Certificate of Cloud Security Knowledge v5 (CCSK) — Question 2

Which practice best helps mitigate security risks by minimizing root/core access and restricting deployment creation?

Answer options

• A. Enforcing the principle of ‘trust and eventually verify on demand’
• B. Disabling multi-factor authentication for staff and focusing on decision makers’ accounts
• C. Deploying applications with full access and applying restrictions based on the need to object
• D. Enforcing the principle of least privilege

Correct answer: D

Explanation

The principle of least privilege ensures that users have only the access necessary to perform their tasks, thus minimizing potential security risks. Options A and B contradict security best practices by either providing excessive trust or reducing authentication measures. Option C allows for broad access initially, which can lead to vulnerabilities, whereas option D effectively restricts access, enhancing security.