Which of the following risk mitigation strategies will allow Ann, a security analyst, to enforce least privilege
principles?

A.
User rights reviews

B.
Incident management

C.
Risk based controls

D.
Annual loss expectancy

Explanation:
A least privilege policy should be used when assigning permissions. Give users only the permissions and rights
that they need to do their work and no more.