What is the relation between need-to-know and least privilege?

Prepare for the Trusted Agent Module 2 Exam. Engage with in-depth quizzes featuring flashcards and multiple-choice questions. Each question comes with hints and detailed explanations to enhance your learning. Equip yourself for exam success!

Multiple Choice

What is the relation between need-to-know and least privilege?

Explanation:
Restricting access to only what is needed to perform a task. Need-to-know means someone can access specific data only if there’s a justified reason for that particular task, while least privilege means giving a user only the minimal set of permissions required to do their job. Used together, they limit both the data someone can see and the actions they can perform, reducing the risk of exposure or misuse. For example, a human resources worker might view only the records they need for their duties, and a service account would have only the permissions necessary to run its processes. They are complementary approaches to access control, not unrelated, and they apply to data and system actions—not just physical access.
