Which of the following risk mitigation strategies will allow Ann, a security analyst, to enforce least
privilege principles?

A.
User rights reviews

B.
Incident management

C.
Risk based controls

D.
Annual loss expectancy

Explanation:
A least privilege policy should be used when assigning permissions. Give users only the
permissions and rights that they need to do their work and no more.