Question

In the situation where Prachi, a database administrator, is allowed to add or delete users but cannot read or modify the database data, which security concept is being applied?

A) Separation of duties
B) Role-Based Access Control (RBAC)
C) Least Privilege Principle
D) Two-factor authentication

Answer 1

The security concept being applied is Least Privilege Principle. It ensures that individuals are granted the minimum level of access necessary to perform their job functions and helps protect sensitive information.

Step-by-step explanation:

The security concept being applied in this situation is Least Privilege Principle. The Least Privilege Principle ensures that individuals are granted the minimum level of access necessary to perform their job functions. In this case, Prachi, the database administrator, is only allowed to add or delete users, but cannot read or modify the database data.

This principle helps reduce the risk of unauthorized access or misuse of data. By limiting the privileges of users, the organization can protect sensitive information and maintain the integrity of the database. Applying the Least Privilege Principle is an important practice in ensuring the security of data.

For example, if Prachi had access to read or modify the database data, there would be a higher risk of unauthorized access or accidental changes to the data, potentially leading to data breaches or integrity issues.