A company's administrators see that employees are installing unapproved software on their desktops, raising concerns about harmful applications. They want to reduce user privileges while preserving the ability to complete daily tasks. Which approach best addresses this requirement?
Provide a method that allows standard tasks to run with controlled rights while blocking unapproved software changes
Create additional domain user accounts for staff that replicate enhanced access on endpoints
Activate a system that elevates appropriate processes run by a user account
Grant broad administrator privileges to user accounts to avoid permission errors
Limiting daily rights while allowing an authorized process to escalate privileges upholds key principles of this management approach. It stops unwarranted applications from being installed yet maintains the ability to perform routine activities. Setting up automatically elevated processes for user accounts poses risks by granting unneeded rights. Granting broad rights to user accounts can weaken security. Creating domain accounts with enhanced privileges does not lessen endpoint threats.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the principle of least privilege (PoLP)?
Open an interactive chat with Bash
Why is allowing automatic elevation of processes risky?
Open an interactive chat with Bash
How does controlled execution of tasks balance security and usability?