ISACA Certified Information Systems Auditor CISA Question # 443 Topic 45 Discussion
Which of the following is the BEST way to enforce the principle of least privilege on a server containing data with different security classifications?
A. Limiting access to the data files based on frequency of use
B. Obtaining formal agreement by users to comply with the data classification policy
C. Applying access controls determined by the data owner
D. Using scripted access control lists to prevent unauthorized access to the server
The best way to enforce the principle of least privilege on a server containing data with different security classifications is to apply access controls determined by the data owner. The principle of least privilege states that users should only have the minimum level of access required to perform their tasks. The data owner is the person who has the authority and responsibility to classify, label, and protect the data according to its sensitivity and value. The data owner can define the access rights and permissions for each user or role based on the data classification policy and the business needs. This ensures that only authorized and appropriate users can access the data, and it prevents unauthorized or excessive access that could compromise the confidentiality, integrity, or availability of the data.
References:
CISA Review Manual (Digital Version)
CISA Questions, Answers and Explanations Database