CISSP · Question #675
In order to support the least privilege security principle when a resource is transferring within the organization from a production support system administration role to a developer role, what change
The correct answer is C. From Administrator privileges to No Access privileges. The principle of least privilege states that a user should have only the minimum access necessary to perform their job. When a resource (person) moves from a production support system administration role (which typically needs broad OS‑level access) to a developer role, they gene
Question
In order to support the least privilege security principle when a resource is transferring within the organization from a production support system administration role to a developer role, what changes should be made to the resource's access to the production operating system (OS) directory structure?
Options
- AFrom Read Only privileges to No Access Privileges
- BFrom Author privileges to Administrator privileges
- CFrom Administrator privileges to No Access privileges
- DFrom No Access Privileges to Author privileges
How the community answered
(51 responses)- A16% (8)
- B6% (3)
- C75% (38)
- D4% (2)
Explanation
The principle of least privilege states that a user should have only the minimum access necessary to perform their job. When a resource (person) moves from a production support system administration role (which typically needs broad OS‑level access) to a developer role, they generally no longer need direct administrative access to the production OS directory structure. Therefore, to align with least privilege, their access should be removed entirely (No Access) or at most reduced to a tightly scoped, non‑admin role that does not include full OS‑level control.
Topics
Community Discussion
No community discussion yet for this question.