15.1
|
Innocent victim (e.g. owner, operator or maintenance engineer) is tricked into taking an action to unintentionally load malware or enable an attack
|
M18
|
Measures shall be implemented for defining and controlling user roles and access privileges, based on the principle of least access privilege
|