Which policy change best prevents unauthorized escalation of privileges?

Study for the CCST Cybersecurity Test. Study with flashcards and multiple-choice questions; each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which policy change best prevents unauthorized escalation of privileges?

Explanation:
The principle of least privilege is being tested: give each user only the minimum rights necessary to perform their job. When privileges are restricted to what’s actually needed, even if an account is compromised, the attacker cannot easily climb to higher, unauthorized levels because those elevated permissions aren’t granted by default.

This approach directly prevents unauthorized escalation by design, since tasks are completed with only the permissions required. It’s reinforced by access control mechanisms like role-based access control, separation of duties, and just-in-time access, which keep permissions tight and auditable.

Logging when elevated privileges are used is still important for detecting abuse and tracing actions, but it doesn’t stop an escalation from occurring on the first attempt. Increasing administrative rights increases risk rather than reduces it. Disabling access reviews removes a check that keeps permissions aligned with current roles, allowing unnecessary rights to linger. Assigning the least privilege to perform the task provides the strongest preventive control against unauthorized privilege escalation.
