Question

An administrator has been working within an organization for over 10 years. He has moved between different IT divisions within the company and has retained privileges from each of the jobs that he's had during his tenure. Recently, supervisors admonished him for making unauthorized changes to systems. He once again made an unauthorized change that resulted in an unexpected outage and management decided to terminate his employment at the company. He came back to work the following day to clean out his desk and belongings, and during this time he installed a malicious script that was scheduled to run as a logic bomb on the first day of the following month. The script will change administrator passwords, delete fi les, and shut down over 100 servers in the datacenter

Which of the following basic principles was violated during the administrator's employment?
A. Implicit deny
B. Least privilege
C. Defensive privileges
D. Loss of availability

Answer 1

The principle violated was Least privilege, as the administrator had more access than necessary for his job, which enabled unauthorized changes and installation of a malicious script.

Step-by-step explanation:

The basic principle violated during the administrator's employment is Least privilege. The principle of least privilege mandates that users, including administrators, should only have the access that is necessary for them to perform their job functions. In this case, the administrator retained privileges from all previous roles, which gave him more access than necessary for his current job function. This excess in privileges allowed him to make unauthorized changes and eventually install a malicious script as a retaliation tactic after termination. To mitigate such risks, organizations should routinely review and revoke unnecessary privileges, following a strict access control policy.