Which of the following risk mitigation strategies will allow Ann, a security analyst, to enforce least
privilege principles?
A.
User rights reviews
B.
Incident management
C.
Risk based controls
D.
Annual loss expectancy
Explanation:
A least privilege policy should be used when assigning permissions. Give users only the
permissions and rights that they need to do their work and no more.