Principle

Security principles are technology-independent guidelines: least privilege (grant only the access a role needs), defense-in-depth (layer controls so no single failure is fatal), fail-secure (default to denied on error), and separation of duties. Least privilege and defense-in-depth appear on nearly every Security+ exam and outlast any specific product or platform.