Which design principle states that a user has no access by default to any resource, and unless a resource is explicitly granted, it should be denied?
The principle that states a user has no access by default to any resource, and unless a resource is explicitly granted, it should be denied, is called 'fail-safe defaults.' This design principle ensures that the default action is to deny access, reinforcing security by requiring explicit permission for access. The 'least privilege' principle, on the other hand, refers to granting the minimum necessary permissions to a user for completing their tasks, but it does not inherently imply an access-denied default state.
The Principle of Fail-Safe Defaults states that, unless a subject is given explicit access to an object, it should be denied access to that object.
Fail-safe defaults is a design philosophy where IF any device or process or system fails for any reason whatsoever, it will DEFAULT TO a SAFE outcome. Principle of Least Privilege means applying a zero trust mindset and providing ONLY the required access that people need to do their jobs and nothing else.
Clearly stated in the URL below: The principle of least privilege states that a subject should be given only those privileges that it needs in order to complete its task. The principle of fail-safe defaults states that, unless a subject is given explicit access to an object, it should be denied access to that object. https://www.informit.com/articles/article.aspx?p=30487&seqNum=2
Answer is B. No more arguing about this. https://www.informit.com/articles/article.aspx?p=30487&seqNum=2#:~:text=The%20principle%20of%20fail-safe%20defaults%20states%20that%2C%20unless,is%20not%20explicitly%20granted%2C%20it%20should%20be%20denied.
While both A and B appear correct, the key words in the question seem to more closely match option B 'fail safe defaults' according to the CISA website https://www.cisa.gov/uscert/bsi/articles/knowledge/principles/failing-securely https://www.cisa.gov/uscert/bsi/articles/knowledge/principles/least-privilege
https://medium.com/strike-sh/rest-security-design-principles-434bd6ee57ea Fail-Safe Defaults: A user’s default access level to any resource in the system should be “denied” unless they have been granted a “permit” explicitly.
Least privilege means you can still access resources but with limited permission. abviously A is not the answer. B is the correct one.
obviously tyop .....
Wrong. The Principle of Least Privilege means that ALL access is denied UNLESS it is needed. Your answer is completely wrong.
It's from the Zero-trust model, the least-privilege.
I think in the Cisco world it's called least privilege. Can't find any document for fail-safe defaults.
B is correct
It's A by far. The principle of least privilege is about restricting access rights to the minimum necessary, while fail-safe defaults is about ensuring that a system defaults to a secure state in the face of errors or unexpected conditions.
The answer is 100% A - admin please change.
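An added example (not part of the thread and not taken from any of the linked sources) that puts the two principles debated above side by side: a default-deny check that also denies when the policy store is unusable, a default-allow check for contrast, and a least-privilege audit of the grants. All subjects, resources and the `needed` record are constructed for illustration.

```python
# Constructed sample policy: explicit grants only (subject -> resource -> actions).
GRANTS = {
    "alice": {"/reports": {"read"}},
    "bob": {"/reports": {"read", "write"}, "/admin": {"read"}},
}
# Constructed deny-list used by the default-allow variant for contrast.
DENYLIST = {("alice", "/admin")}


def is_allowed_fail_safe(subject, resource, action, grants=GRANTS):
    """Fail-safe defaults: permit only when an explicit grant is found."""
    try:
        return action in grants[subject][resource]
    except (KeyError, TypeError):
        # Unknown subject, unknown resource, or a broken policy store
        # (for example grants is None): fall back to the safe outcome, deny.
        return False


def is_allowed_default_allow(subject, resource, denylist=DENYLIST):
    """Contrast case: permit unless the pair is explicitly listed as denied."""
    return (subject, resource) not in denylist


def excess_privileges(grants, needed):
    """Least privilege audit: grants that exceed what each task needs.

    `needed` has the same shape as `grants` and is a hypothetical record
    of what each subject's job actually requires.
    """
    excess = {}
    for subject, resources in grants.items():
        for resource, actions in resources.items():
            extra = actions - needed.get(subject, {}).get(resource, set())
            if extra:
                excess.setdefault(subject, {})[resource] = extra
    return excess
```

The default-allow variant lets through any subject nobody thought to list, which is the gap fail-safe defaults closes; the audit answers the separate least-privilege question of whether the explicit grants are larger than the job requires.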