Option A: A one-size-fits-all approach ignores the unique requirements of different roles and leads to
over-permissioning or under-permissioning, both of which are undesirable from a security perspective.
Option B: Granting administrative privileges universally undermines security and increases the
likelihood of human error or exploitation. Only specific roles requiring administrative capabilities should
have such access.
Option C: Broad policies that grant universal access violate the principle of least privilege. They expose
the environment to unnecessary risks, such as unauthorized data access or resource modification.
Option D: This approach follows the principle of least privilege, ensuring users and roles have access
only to the resources and actions required for their responsibilities. This minimizes the attack surface,
reduces the risk of accidental or malicious misuse, and adheres to best practices in identity and access
management.
