An administrator is setting up a secure shared folder on the network. Only members of the accounting department should write to the folder, while members from the auditing and sales departments should only be able to review the contents. Which type of permission should the administrator assign to the accounting, auditing, and sales groups respectively?
Modify for accounting, Read & execute for auditing, Write for sales
Read & execute for accounting, Modify for auditing, Full control for sales
Write for accounting, Read for auditing and sales
Full control for accounting, Read for auditing, Write for sales
The correct set of permissions would allow the accounting department to modify the contents (Write permission), while restricting the auditing and sales departments to viewing the contents without making any changes (Read permission). 'Read & execute' permission would allow users to run executable files, which is not a requirement in this scenario. 'Modify' permission grants the ability to read, write, and delete, which should only be given to the accounting department. 'Full control' is an excessive permission for the auditing and sales departments since it permits them to have all possible permissions on the files/folders, including changing permissions and taking ownership, which contradicts the principle of least privilege.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the different types of file permissions?
Open an interactive chat with Bash
What is the principle of least privilege?
Open an interactive chat with Bash
Why is Full Control considered excessive permissions in some scenarios?