Question

Jim was originally hired into the helpdesk at his current employer has since then moved into finance.

During a rights audit, it is discovered that he still has the ability to change passwords for other staff memebers.
What is this issue called?
A.Rights mismanagement
B.Least privileges
C.Permission misalignment
D.Privilege creep

Answer 1

The issue in question is 'Privilege Creep,' where Jim has retained permissions from a previous job that exceed what he should have in his current position, creating a security risk.

Step-by-step explanation:

The issue described in the question is known as Privilege Creep. When an employee transitions from one role to another within a company, they should no longer retain the permissions and rights associated with their previous position. However, if these permissions are not appropriately revoked, the individual can accumulate excessive access rights over time, leading to a security risk. Privilege creep occurs when employees retain access to resources beyond what is necessary for their current job function, violating the principle of least privilege, which dictates that users should have the minimum level of access, or permissions, needed to perform their job functions effectively.