Least privilege vs separation of duties
teancum144
Member Posts: 229
in Security+
I came across a question worded similarly to the following:
An administrator is provided two accounts:
- Administrative privileges (no network privileges)
- Network services (no admin privileges)
A. Mandatory Access Control
B. Least Privilege
C. Separation of duties
D. Multi-factor authentication
The answer is "B", but why not "C"?
Comments
-
Darril Member Posts: 1,588
The separation of duties principle separates the duties for a specific activity between two or more people. In your example, only one person (the administrator) is mentioned.
While this is a good account management practice, I'm not sure it's a good example of least privilege, though.
I'm thinking you must be pretty close to taking this exam. Do you have a target date in mind?
-
cyberguypr Mod Posts: 6,928
Just wanted to add a link that digs into the concept of separation of duties. There you can see clear examples of its importance in IT.
Separation of Duties in Information Technology