To increase costs

To improve compliance

To encourage unauthorized activity

To limit visibility

To make it easier for attackers to gain unauthorized access

To reduce the risk of unauthorized access

No authenticationTo limit user access

Weak authenticationTo increase the number of security incidents

Least privilege

Need to know

Separation of duties

All of the above

Increased security incidents

Reduced visibility

Improved efficiency

Decreased compliance

Password authentication

Biometric authentication

Token authentication

Role-based authentication

Creating and managing user accounts, assigning permissions, and monitoring user activity

Disabling user accounts, changing user passwords, and deleting user accounts

Assigning permissions only

Monitoring user activity only