Stan, the new HR manager, wants everyone in his department to have access to create and delete accounts to streamline the process for getting new hires set up in the system. Why is this not a good idea?
This could allow HR employees to bypass privacy filters, though it isn't that big of a threat since they are HR
HR employees are not usually on the Access Control List (ACL)
This could enable tailgating
This does not keep with the principle of least privilege
This is a clear violation of the principle of least privilege, and it would likely drive the IT department mad. ACLs do not have anything to do with account creation/deletion. Privacy filters are a physical security mechanism that prevents folks from watching your screen, so they do not apply to this situation. Tailgating is when someone follows an authorized individual into a controlled area, which is also not applicable here.