ISC Exam Questions

What security principle is the coffeeshop manager implementing?

Chrissy is a new employee at a coffee shop. She meets three other co-workers onher first day. Since they all work different shifts, sometimes opening the store andsometimes closing the store, they have been given the store security code. Chrissyasks her boss if she will get the code, and her boss says "No, you wont need itbecause youre working the mid-day shift." What security principle is the coffeeshop manager implementing?

Physical control

Least privilege

Separation of duties


The least privilege principle dictates that users should only be given the lowestlevel of access permissions required to do their job. Because Chrissy will not beopening or closing the store, she does not need to know the security code for thestores alarm system.