Google Cloud Digital Leader Practice Exam

Which security principle advocates granting users only the access they need to perform their job responsibilities?

• A. Security by default
• B. Least privilege
• C. Zero-trust architecture
• D. Privileged access

The correct answer is: Least privilege

The principle of least privilege is crucial in security management as it emphasizes that users should only be provided with the minimum level of access necessary to carry out their specific job functions. This approach effectively minimizes potential risks and vulnerabilities within a system, as it limits the amount of sensitive information and critical system configurations that any single user can access. By adhering to the least privilege principle, organizations can reduce the potential attack surface, as the chances of unauthorized access or misuse of information are diminished. This makes it harder for malicious actors to exploit accounts, especially if users have access only to resources that are relevant to their roles. Furthermore, this principle encourages regular audits and reviews of both user roles and access levels to ensure that permissions remain appropriate as job responsibilities evolve. In contrast, security by default generally involves applying standardized security measures unless otherwise stated, which does not focus specifically on user access needs. Zero-trust architecture is a broader security model that assumes that threats can exist both inside and outside the network, focusing on strict access controls and verification processes, but it does not singularly advocate for the concept of limiting access to job-related necessities. Privileged access refers to higher levels of access granted to users with administrative capabilities and does not inherently promote the idea of restricting access based on job