What does the principle of least privilege mean in the context of user account management?
- Users should have the minimum permissions needed to perform their job ✓
- Administrator accounts should be shared among the IT team
- Users should use guest accounts by default
- All users should have the same level of access
Correct answer: Users should have the minimum permissions needed to perform their job
Option A is correct because the principle of least privilege dictates that every user, process, and system component should be granted only the minimum permissions required to perform its intended function, reducing the attack surface if an account is compromised. Option B is incorrect because sharing administrator accounts violates both least privilege and the principle of individual accountability, making it impossible to audit who performed privileged actions. Option C is incorrect because guest accounts typically provide very restricted or anonymous access and are not appropriate as the default working account for employees who need role-specific permissions. Option D is incorrect because granting all users the same level of access ignores role-based distinctions and would inevitably give most users more privilege than they need.
Topic: least privilege, user account management, access control, security fundamentals