Free Preparation Discussions
MENU
ISC2 Exam ISSMP Topic 4 Question 12 Discussion
Topic #: 4
You are the Network Administrator for a software company. Due to the nature of your company's business, you have a significant number of highly computer savvy users. However, you have still decided to limit each user access to only those resources required for their job, rather
than give wider access to the technical users (such as tech support and software engineering personnel). What is this an example of?
No matter how technically proficient the users are, it is always proper for an administrator to grant each user the least/lowest privileges possible for them to do their job (thus the term least privileges). You should never grant any user any more access than they require to perform their job functions.
Answer option D is incorrect. This is absolutely not poor resource management, but rather wise security policy, thus wise resource management.
Answer option A is incorrect. The term 'maximum control' is not a valid network security term.
Answer option C is incorrect. An ACL or access control list is used to control access to resources by matching a user on the list with rights to a resource. This may or may not have the user with more access than their job requires.
Currently there are no comments in this discussion, be the first to comment!