Not only that, this is the wrong concept. The security concept at play here is actually known as "default deny".
Least privilege refers to only granting people or systems the minimum amount of rights or privileges they need to perform their legitimate activities.
https://en.wikipedia.org/wiki/Principle_of_least_privilege
https://securosis.com/blog/network-security-fundamentals-default-deny
So in AWS, it's always the deny first that is evaluated, no matter what order the access is specified in. So irrespective of the order, deny would always be enforced?
Thank you!