Question
A security team establishes controls, including permission settings that will be used to create multiple security points that a threat actor must get through to breach their organization. Which OWASP principle does this scenario describe?
1 point
Principle of least privilege
Defense in depth
Keep security simple
Separation of duties
Solution
The scenario describes the OWASP principle of "Defense in Depth". This principle is about layering security controls so that an attacker must bypass multiple security measures to breach the system. It is like having several doors to get through rather than just one: each door is a potential stopping point for an attack.
Similar Questions
A security team has just finished addressing a recent security incident. They now conduct tests to ensure that all of their repairs were successful. Which OWASP principle does this scenario describe?
1 point
Minimize attack surface area
Principle of least privilege
Fix security issues correctly
Separation of duties

A security analyst disables certain software features to reduce the potential vulnerabilities that an attacker could exploit at their organization. Which OWASP security principle does this scenario describe?
1 point
Separation of duties
Fix security issues correctly
Defense in depth
Minimize the attack surface

Rebecca, a security professional, was instructed to limit employees’ access to critical resources. For this purpose, she implemented an access principle that provides permission to access only necessary resources that are required for their job tasks. The permissions can be extended later based on changes in their job roles. Identify the access principle implemented by Rebecca in the above scenario.
Group of answer choices
Principle of least privilege (POLP)
Rule-based access control
Need-to-know
Separation of duties (SoD)

Which of the following security design principles says ‘access decisions should be based on permission rather than exclusion’?
Group of answer choices
Fail-safe defaults
Complete mediation
Separation of privilege
Least Astonishment

_____________ refers to the principle that is violated if the system is no longer accessible.
2 points
Confidentiality
Access control
Availability
Password