Which policy complies with guidance in the security pillar of the AWS Well-Architected Framework?

By:
In: CLF-C01
Tagged:
With: 2 Comments
A company is reviewing its operating policies.

Which policy complies with guidance in the security pillar of the AWS Well-Architected Framework?

Ensure that employees have access to all company data.

Expand employees’ permissions as they gain more experience.

Grant all privileges and access to all users.

Apply security requirements at all layers of a process.

Explanations:

Granting access to all company data does not align with the principle of least privilege.

Expanding permissions with experience can lead to excessive privileges beyond job requirements.

Granting all privileges to all users increases security risks and violates least privilege.

Applying security requirements at all layers aligns with defense in depth, a core security principle.

2026-03-23

2 Comments

  1. Arthur
    Author

    I strategize that the answer is:
    Apply security requirements at all layers of a process.

  2. Jesse
    Author

    As I recall, the answer is:
    Apply security requirements at all layers of a process.

Leave a Reply to Arthur Cancel reply

Your email address will not be published. Required fields are marked *

1 × 3 =