A new company policy states that all end-user access to network resources will be controlled based on the users' roles and responsibilities within the organization.
Which of the following security concepts has the company just enabled?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
The security concept that the company has enabled is "least privilege". Least privilege is a principle in computer security where a user is granted the minimum necessary access rights and permissions needed to perform their job or task. This principle is often implemented through the use of role-based access control (RBAC), where access to resources is granted based on the user's role or job function.
In this case, the company is implementing a policy that controls end-user access to network resources based on their roles and responsibilities within the organization. This means that each user will be granted only the necessary access rights and permissions to perform their job function, and no more. This reduces the risk of unauthorized access to sensitive information or resources by limiting access to only those who need it.
Certificates are digital documents used to establish the identity of a user or device. They are used in encryption and authentication processes, but do not control access to resources.
Directory permissions refer to the access controls set on directories and files within a file system, but they do not necessarily enforce least privilege.
Blacklists are lists of users, devices, or IP addresses that are denied access to a network or system based on previous malicious behavior, but they do not enforce least privilege.
Therefore, the correct answer is B. Least privilege.