CISSP - Security Operations - Section 7.4
Apply foundational security operations concepts such as need-to-know, least privilege, separation of duties, privileged account management, and job rotation.
Apply foundational security operations concepts - need-to-know, least privilege, separation of duties, privileged account management, and job rotation - to reduce insider threat and limit the blast radius of compromised accounts. Identify which concept is violated in a given access control scenario and recommend the corrective control.
need-to-knowleast privilegeseparation of dutiesprivileged account managementjob rotation
More in this domain
Back to all Security Operations objectives, or the CISSP cert hub.
Examworthy is not affiliated with or endorsed by (ISC)2. Original, blueprint-aligned practice material only.