Principle of Least Privilege

More than one person required for critical tasks

Question

Which security principle requires more than one person is required to perform a critical task?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

C.

The security principle that requires more than one person to perform a critical task is the "separation of duties."

Separation of duties is a security principle that aims to reduce the risk of fraud or error by ensuring that no single person has complete control over a critical task or process. It requires the assignment of different roles and responsibilities to multiple individuals to prevent any one person from having too much power over a process or transaction.

For example, in a financial institution, the separation of duties may require that one person is responsible for creating financial transactions, while another person is responsible for reviewing and approving those transactions. This ensures that no single individual has complete control over the financial transaction process, reducing the risk of fraud or error.

The separation of duties is a key component of a secure system design and is often used in conjunction with other security principles such as "least privilege" and "need to know." By implementing the separation of duties principle, organizations can mitigate the risk of insider threats and ensure that critical tasks and processes are performed with appropriate oversight and accountability.