CISA Certified Information Systems Auditor – Question1776

Talking about the different approaches to security in computing, the principle of regarding the computer system itself as largely an untrusted system emphasizes:

A.
most privilege
B. full privilege
C. least privilege
D. null privilege
E. None of the choices.

Correct Answer: C

Explanation:

Explanation:
There are two different approaches to security in computing. One focuses mainly on external threats, and generally treats the computer system itself as a trusted system. The other regards the computer system itself as largely an untrusted system, and redesigns it to make it more secure in a number of ways.
This technique enforces the principle of least privilege to great extent, where an entity has only the privileges that are needed for its function.