Cybersecurityknowledge~30 mins

Principle of least privilege in Cybersecurity - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Practice Challenge Project Recall Time

Understanding the Principle of Least Privilege

📖 Scenario: You are part of a small company's IT team. Your task is to set up user permissions so that each employee can only access the information and tools they need to do their job.

🎯 Goal: Build a simple permission list that follows the Principle of Least Privilege, ensuring users have only the minimum access necessary.

📋 What You'll Learn

Create a dictionary named user_permissions with exact user names and their assigned permissions.

Add a variable named minimum_access that lists the basic permissions every user should have.

Use a loop with variables user and permissions to check and adjust permissions according to the Principle of Least Privilege.

Add a final step that updates the user_permissions dictionary to remove any permissions beyond the minimum required.

💡 Why This Matters

🌍 Real World

In real companies, limiting user permissions reduces the risk of accidental or malicious damage to data and systems.

💼 Career

Understanding and applying the Principle of Least Privilege is essential for cybersecurity roles, system administration, and IT management.

Progress0 / 4 steps

Create the initial user permissions dictionary

Create a dictionary called user_permissions with these exact entries: 'Alice': ['read', 'write', 'delete'], 'Bob': ['read', 'write'], 'Charlie': ['read'].

Cybersecurity

# Create the user_permissions dictionary with exact entries
# Your code here

Need a hint?

Use curly braces {} to create a dictionary and square brackets [] for the list of permissions.

Define the minimum access permissions

Add a variable called minimum_access and set it to the list ['read'] to represent the basic permission every user should have.

Cybersecurity

user_permissions = {
    'Alice': ['read', 'write', 'delete'],
    'Bob': ['read', 'write'],
    'Charlie': ['read']
}

# Define the minimum_access list
# Your code here

Need a hint?

Use a list with one string element 'read' to represent minimum access.

Check and adjust permissions using a loop

Use a for loop with variables user and permissions to iterate over user_permissions.items(). Inside the loop, update each user's permissions to only include those in minimum_access.

Cybersecurity

user_permissions = {
    'Alice': ['read', 'write', 'delete'],
    'Bob': ['read', 'write'],
    'Charlie': ['read']
}

minimum_access = ['read']

# Loop through user_permissions and update permissions
# Your code here

Need a hint?

Use a list comprehension inside the loop to keep only permissions that are in minimum_access.

Finalize the permission update

Add a final line that confirms the user_permissions dictionary now only contains the minimum access permissions for each user.

Cybersecurity

user_permissions = {
    'Alice': ['read', 'write', 'delete'],
    'Bob': ['read', 'write'],
    'Charlie': ['read']
}

minimum_access = ['read']

for user, permissions in user_permissions.items():
    user_permissions[user] = [perm for perm in permissions if perm in minimum_access]

# Final confirmation step
# Your code here

Need a hint?

This step is to ensure the dictionary reflects the Principle of Least Privilege after the loop.