🏆 Win a Lifetime Membership! Click here to enter.
A company recently experienced a data breach because an employee had excessive system access rights. The CISO wants to implement an approach to permissions that would prevent this situation in future. Which of the following approaches would BEST address this concern?
Access control review
Principle of least privilege
Job rotation
Separation of duties
The principle of least privilege is the BEST approach to address the concern of excessive system access rights. This principle requires that users, processes, and systems are granted the minimum level of access rights necessary to perform their assigned tasks and functions. By implementing least privilege, organizations can significantly reduce their attack surface because even if credentials are compromised, the potential damage is limited to only what that account is authorized to access.
While separation of duties helps prevent fraud by dividing critical functions among different people, it doesn't directly address the issue of excessive access rights. Job rotation is primarily used for fraud detection and cross-training but doesn't limit access capabilities. Access control review is an important periodic process to verify appropriate permissions, but it's not the core principle that governs the initial assignment of rights. The principle of least privilege is the foundational concept specifically targeting the problem of excessive access rights from the beginning.
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
All Information Technology Package plans include the following perks and exams .
Our pricing is simple. Full access to all certifications and exams in each package, for one price.
As many practice tests for as many topics as you want.
Use study mode non-stop, no limits.
Access to our AI assistant, Bash, trained to help you pass your exam.
Track your scores over time in study mode and report cards.
See how you improve over time, and where you need to focus.
Access our store with even bigger discounts than before.
Unlimited access to all performance questions and be prepared for the real thing.
All Information Technology Package plans include unlimited access to the following study materials.
Create an account or sign in to access our study materials.