Least privilegeA means to attenuate possibilities for corruption and theft, the organization can craft an environment where no individual person can complete an entire trusted action is known as: Least privilege Need-to-know Separation of dut
The correct answer is **Separation of duties**.
Separation of duties is a security principle that ensures that no single individual has complete control over all aspects of any critical process. This helps to prevent fraud and error by dividing responsibilities among different individuals. It reduces the risk of corruption and theft by ensuring that a single person's actions cannot lead to a trusted action being completed without oversight or collaboration from others.
Least privilege refers to granting users the lowest level of access necessary to perform their jobs, while need-to-know restricts access to information based on the necessity to access that information for work purposes. Account management involves managing user accounts and permissions but does not directly relate to the concept of distributing responsibilities as in separation of duties.
Update (2025-04-23):
The correct term for the concept where no individual person can complete an entire trusted action, thereby reducing the risk of corruption and theft, is **Separation of duties**.
This principle ensures that critical tasks are divided among multiple people, minimizing the risk of fraud and error by requiring collaboration or oversight when completing sensitive actions.
- **Least privilege** refers to granting users the minimum level of access necessary to perform their job functions.
- **Need-to-know** restricts information access to individuals who need it to perform their duties.
- **Account management** involves overseeing user accounts and their access permissions.
So the answer is **Separation of duties**.