A penetration test for a retail organization with multiple physical locations reveals that certain branch managers can grant themselves higher privileges in the corporate network, potentially giving them access to sensitive customer data. Considering separation of duties and the mitigation of insider threat, which control should the report recommend to address this finding?
Implement role-based access control to enforce separation of duties.
Enforce mandatory vacations for branch managers to identify inappropriate system dependencies.
Implement multifactor authentication for sensitive systems access.
Set up time-of-day restrictions on when branch managers can access the network.
The correct answer is implementing role-based access control (RBAC). Under RBAC, permissions are attached to job roles rather than to individual people, and each role carries only the rights its duties require; the model is enforced technically in the directory or IAM system. The finding here is that accounts holding the branch manager role can modify their own privilege assignments. An RBAC design addresses that directly: the right to assign or change roles belongs to a separate administrative role, a user cannot change their own role membership, and the role model is built so that no single role combines the ability to grant access with the sensitive access being granted. That is separation of duties enforced by the access control system itself, and it removes the escalation path rather than merely detecting it. Mandatory vacations may surface misuse or an unhealthy dependency on one person, but they do not prevent privilege escalation. Time-of-day restrictions only limit when a manager can connect; during permitted hours the self-escalation would still succeed. Multifactor authentication strengthens proof of identity, but a manager who authenticates legitimately could still grant themselves higher access, so it does not address the finding. One practical caveat for the report: RBAC only holds if the role-assignment right is itself tightly restricted and regularly reviewed, because any account that can edit role membership can undo the model.
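As an added illustration (not part of the original question or its explanation), the following Python sketch shows what "RBAC enforcing separation of duties" means mechanically in this scenario: the right to assign roles lives in its own role, no account can change its own assignments, and a static conflict rule prevents role-assignment authority and customer-data access from ever landing on one account. The role, permission and user names (branch_manager, iam_admin, iam:assign_role, alice, bob, carol) are assumptions chosen for the retail scenario, not identifiers from any real product or from the page.

```python
"""Minimal RBAC policy engine with separation-of-duties (SoD) checks.

Added illustration for the branch-manager finding; not code from the
original page. All role, permission and user names below are assumed.
"""
from dataclasses import dataclass, field


class AccessDenied(Exception):
    """Raised when a requested action is not permitted by the policy."""


@dataclass
class Policy:
    roles: dict = field(default_factory=dict)          # role -> set of permissions
    assignments: dict = field(default_factory=dict)    # user -> set of roles
    sod_conflicts: set = field(default_factory=set)    # frozensets of permissions that must never co-exist

    def permissions_of(self, user: str) -> set:
        """Effective permissions: the union of every role the user holds."""
        perms = set()
        for role in self.assignments.get(user, set()):
            perms |= self.roles.get(role, set())
        return perms

    def check(self, user: str, permission: str) -> None:
        if permission not in self.permissions_of(user):
            raise AccessDenied(f"{user} lacks {permission}")

    def grant_role(self, actor: str, target: str, role: str) -> None:
        """Assign `role` to `target` on behalf of `actor`, subject to SoD rules."""
        # 1. Only a role-assignment authority may change assignments at all.
        self.check(actor, "iam:assign_role")
        # 2. Nobody, including IAM admins, may change their own assignments.
        if actor == target:
            raise AccessDenied("self-assignment is not permitted")
        if role not in self.roles:
            raise KeyError(role)
        # 3. Reject grants that would leave the target holding a conflicting pair.
        trial = self.permissions_of(target) | self.roles[role]
        for pair in self.sod_conflicts:
            if pair <= trial:
                raise AccessDenied(f"grant of {role} to {target} violates SoD: {sorted(pair)}")
        self.assignments.setdefault(target, set()).add(role)


def build_retail_policy() -> Policy:
    """Constructed sample policy for the scenario (assumed names)."""
    p = Policy()
    p.roles["branch_manager"] = {"store:read_sales", "store:manage_staff"}
    p.roles["customer_data_analyst"] = {"customer_data:read"}
    p.roles["iam_admin"] = {"iam:assign_role"}
    # SoD rule: whoever hands out access must not also hold the sensitive access.
    p.sod_conflicts.add(frozenset({"iam:assign_role", "customer_data:read"}))
    p.assignments["alice"] = {"branch_manager"}
    p.assignments["bob"] = {"iam_admin"}
    p.assignments["carol"] = {"iam_admin"}
    return p


def attempt(p: Policy, actor: str, target: str, role: str) -> str:
    """Return 'granted' or 'denied' for a role grant, without raising."""
    try:
        p.grant_role(actor, target, role)
        return "granted"
    except AccessDenied:
        return "denied"


def run_scenario() -> dict:
    """Walk through the finding and the corrected behaviour; returns outcomes."""
    p = build_retail_policy()
    out = {}
    # The finding: a branch manager tries to give herself customer-data access.
    out["manager_self_grant"] = attempt(p, "alice", "alice", "customer_data_analyst")
    # Even an IAM admin cannot raise his own privileges.
    out["admin_self_grant"] = attempt(p, "bob", "bob", "customer_data_analyst")
    # The proper channel: a separate IAM admin grants the role to the manager.
    out["admin_grants_manager"] = attempt(p, "bob", "alice", "customer_data_analyst")
    # SoD: an IAM admin may not also receive customer-data access.
    out["admin_gets_data_access"] = attempt(p, "carol", "bob", "customer_data_analyst")
    out["alice_perms"] = sorted(p.permissions_of("alice"))
    return out


if __name__ == "__main__":
    for k, v in run_scenario().items():
        print(f"{k}: {v}")
```

The self-assignment check alone would not stop two managers who both held the assignment right from granting each other access; that is why the static conflict rule, and keeping iam:assign_role out of every operational role, are part of the control rather than optional extras.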