CompTIA Security Plus Mock Test Q234

A security administrator notices that a specific network administrator is making unauthorized changes to the firewall every Saturday morning. Which of the following would be used to mitigate this issue so that only security administrators can make changes to the firewall?

A. Mandatory vacations
B. Job rotation
C. Least privilege
D. Time of day restrictions


Correct Answer: C
Section: Compliance and Operational Security

Explanation:
A least privilege policy is to give users only the permissions that they need to do their work and no more. That is only allowing security administrators to be able to make changes to the firewall by practicing the least privilege principle.

Incorrect Answers:
A: A mandatory vacation policy requires all users to take time away from work to refresh.
B: Job rotation is used to supply redundancy insofar as abilities are concerned so that the company is not at risk of any one administrator. But in this case least privilege is the best
practice that should be followed.
D: Time of Day restrictions allows you to configure an account to allow account validity for a set time period, but if the culprit is a network administrator then this configuration is within
his/her account tights to modify. As the security administrator you should assign only the least privilege principle in this case.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 151-154