You would like to reduce the risk associated with the administrative access you need to give several IT employees. You would like to enforce separation of duties, but you also want them to be able to perform the functions given one another in the case where an employee is absent. To support each employee's primary role, you implement role-based access control. What will be the safest way to allow
them to step in for one another when necessary?
A. Include those permissions in the primary role.
B. Provide those permissions manually when required.
C. Assign all permissions to a single role, and assign the role to all IT employees.
D. Create multiple accounts for each user, and have them use one account only when required.
B
Explanation: To reduce risk the most, you should give them the additional permission on an ad hoc basis as needed.
You might also like to view...
Answer the following questions true (T) or false (F)
1. cin is an output stream object of type ostream. 2. cout has type ostream, i.e., is an output object.
If you are not certain that your e-mail recipient has Word 2007, 2010, or 2013, use _____ file format.
A. the PDF B. the DOCX C. the DOC D. either the DOC or the PDF
The person who creates a meeting and sends the invitations is known as the meeting ____.
A. organizer B. scheduler C. creator D. initiator
Give two reasons why RAID cannot replace backups.
What will be an ideal response?