Systems Security Certified Practitioner (SSCP) — Question 18

Which of the following rules is least likely to support the concept of least privilege?

Answer options

• A. The number of administrative accounts should be kept to a minimum.
• B. Administrators should use regular accounts when performing routine operations like reading mail.
• C. Permissions on tools that are likely to be used by hackers should be as restrictive as possible.
• D. Only data to and from critical systems and applications should be allowed through the firewall.

Correct answer: D

Explanation

Option D focuses on restricting access to critical systems, which is more about network security than the least privilege principle. Meanwhile, options A, B, and C all emphasize minimizing access and permissions, which directly supports the concept of least privilege.