One of the system administrators at a company is assigned to maintain a secure computer lab. The
administrator has rights to configure machines, install software, and perform user account maintenance.
However, the administrator cannot add new computers to the domain, because that requires authorization from
the Information Assurance Officer.
Which of the following is this an example of?
Rule-based access control
A least privilege policy should be used when assigning permissions. Give users only the permissions that they
need to do their work and no more.