NCAE Mapping Hub Authoritative cross-reference for DCWF, NCAE Knowledge Units, O*NET, and the EWU Cyber Operations program

Security+ · 1.0 General Security Concepts

Least privilege

Every user, process, and system component is granted only the permissions needed to do its job. nothing more. A web server runs as `www-data`, not root; `torch_bearer` has INSERT rights on `db`, not on other databases.

How this shows up at NCAE

When you harden SSH, set `PermitRootLogin no`. When configuring Samba, give the scoring user access only to the `files` share. Violating least-privilege is how red team pivots from a small compromise to full control.