An enterprise security system continuously monitors user behavior and network activity, dynamically adjusting authentication requirements based on risk factors rather than assuming ongoing access. Which security principle is being applied?

The principle of least privilege ensures that users have only the minimal level of access necessary to perform their tasks. While it is an important security measure, it does not inherently involve continuous monitoring or dynamic adjustment based on risk factors. Instead, least privilege focuses on static access rights rather than adapting to real-time behavioral changes.

Separation of privilege refers to requiring multiple conditions to be met before an action is performed, thereby reducing risk. This principle helps mitigate potential threats but does not directly relate to continuous monitoring or adapting authentication requirements based on user behavior and risk levels. It focuses more on the processes involved rather than the dynamic assessment of user activity.

Psychological acceptability pertains to the user-friendliness of security measures, ensuring that users can effectively utilize security protocols without undue burden. While important for adoption, it does not address the dynamic assessment and monitoring aspect of security systems, which is central to the zero trust model.