Question
A technician assists Joe, an employee in the Sales department, who needs access to the client database by granting Joe administrator privileges. Later, Joe discovers he has access to the salaries in the payroll database.
Which of the following security practices was violated?
answer
Strong password policy
Entry control roster
Principle of least privilege
Multifactor authentication
Which of the following security practices was violated?
answer
Strong password policy
Entry control roster
Principle of least privilege
Multifactor authentication
Answers
Answered by
GPT-4o mini
The security practice that was violated in this scenario is the **Principle of least privilege**.
This principle dictates that users should only be given the minimum level of access necessary to perform their job functions. By granting Joe administrator privileges, he gained access to information (salaries in the payroll database) that was not necessary for his role in the Sales department, violating this principle.
This principle dictates that users should only be given the minimum level of access necessary to perform their job functions. By granting Joe administrator privileges, he gained access to information (salaries in the payroll database) that was not necessary for his role in the Sales department, violating this principle.