Which term below BEST describes the concept of least privilege?

A.
Active monitoring of facility entry access points.

B.
Each user is granted the lowest clearance required for their tasks.

C.
A formal separation of command, program, and interface functions.

D.
A combination of classification and categories that represents the sensitivity of information.

Explanation:
The least privilege principle requires that each subject in a system
be granted the most restrictive set of privileges (or lowest clearance)

needed for the performance of authorized tasks. The
application of this principle limits the damage that can result from
accident, error, or unauthorized use. Applying this principle may
limit the damage resulting from accidents, errors, or unauthorized
use of system resources.
*Answer “A formal separation of command, program, and interface functions.” describes
separation of privilege, which is the separation
of functions, namely between the commands, programs, and
interfaces implementing those functions, such that malicious or erroneous
code in one function is prevented from affecting the code or
data of another function.
*Answer “A combination of classification and categories that represents the sensitivity of
information.” is a security level. A security level is the combination of
hierarchical classification and a set of non-hierarchical categories that
represents the sensitivity of information.
*Answer “Active monitoring of facility entry access points.” is a distracter. Source: DoD 5200.28-STD Department
of Defense Trusted Computer System Evaluation Criteria.