CLF-C02 Domain 2: Security and Compliance

What does the principle of least privilege recommend?

Multiple choice — select one answer

Answer choices

  1. a. A document defining permissions, using password reset alone and deferring session revocation until the next business day
  2. b. AWS IAM Identity Center (SSO)
  3. c. Grant administrators all permissions by default, using shared credentials instead of individual accountability.
  4. d. Grant only permissions required to perform a task

Architectural breakdown & explanation

Least privilege limits access to the minimum needed, reducing blast radius.

Correct answer(s): d. Grant only permissions required to perform a task

Exam domain: Domain 2: Security and Compliance (30% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the AWS Certified Cloud Practitioner bank. Run a full timed practice exam with domain-weighted random questions in your browser.