
214. The principle of least privilege refers to the security objective of granting users only those accesses they need to perform their job duties. Which of the following actions is inconsistent with the principle of least privilege?

a. Authorization creep

b. Re-authorization when employees change positions

c. Users have little access to systems

d. Users have significant access to systems

214. a. Authorization creep occurs when employees continue to maintain access rights for previously held positions within an organization. This practice is inconsistent with the principle of least privilege.

All the other three choices are incorrect because they are consistent with the principle of least privilege. Reauthorization can eliminate authorization creep, and it does not matter how many users have access to the system or how much access they have, as long as that access is based on the need-to-know concept.

Permanent changes are necessary when employees change positions within an organization. In this case, the process of granting account authorizations occurs again. At this time, however, it is also important that access authorizations of the prior position be removed. Many instances of authorization creep have occurred with employees continuing to maintain access rights for previously held positions within an organization. This practice is inconsistent with the principle of least privilege, and it is a security vulnerability.
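The following is an added example, not part of the original question set, that models the two practices described above: a position transfer that leaves prior-position rights in place (authorization creep) beside a re-authorization that revokes them, plus an audit that flags entitlements a user's current role does not justify. The role model, users and entitlement names are constructed sample data.

```python
from dataclasses import dataclass, field

# Constructed role model (assumption): each position maps to the accesses it needs.
ROLE_ENTITLEMENTS = {
    "payroll_clerk": {"hr_db:read", "payroll_app:write"},
    "helpdesk": {"ticketing:write", "ad:reset_password"},
    "developer": {"git:write", "ci:trigger"},
}


@dataclass
class User:
    name: str
    role: str
    entitlements: set = field(default_factory=set)


def creep(user: User) -> set:
    """Entitlements the current role does not justify: authorization creep."""
    return user.entitlements - ROLE_ENTITLEMENTS.get(user.role, set())


def transfer_without_revocation(user: User, new_role: str) -> User:
    """The flawed practice: new accesses are added on top of the old ones,
    so rights from the prior position persist."""
    user.role = new_role
    user.entitlements |= ROLE_ENTITLEMENTS.get(new_role, set())
    return user


def reauthorize(user: User, new_role: str) -> User:
    """Re-authorization on a position change: grant only the new role's
    accesses and revoke everything the prior position held."""
    user.role = new_role
    user.entitlements = set(ROLE_ENTITLEMENTS.get(new_role, set()))
    return user


def audit(users) -> dict:
    """Map each user with creep to the sorted list of unjustified entitlements."""
    return {u.name: sorted(creep(u)) for u in users if creep(u)}


if __name__ == "__main__":
    alice = User("alice", "payroll_clerk", set(ROLE_ENTITLEMENTS["payroll_clerk"]))
    bob = User("bob", "helpdesk", set(ROLE_ENTITLEMENTS["helpdesk"]))
    transfer_without_revocation(alice, "developer")  # leaves creep behind
    reauthorize(bob, "developer")                    # clean transfer
    print(audit([alice, bob]))  # {'alice': ['hr_db:read', 'payroll_app:write']}
```

Running the audit periodically against the role model, rather than only at transfer time, catches creep introduced by ad hoc grants as well.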

215. Accountability is important to implementing security policies. Which of the following is least effective in exacting accountability from system users?

a. Auditing requirements

b. Password and user ID requirements

c. Identification controls

d. Authentication controls

215. b. Accountability means holding individual users responsible for their actions. Due to several problems with passwords and user IDs, they are considered to be the least effective in exacting accountability. These problems include easy to guess passwords, easy to spoof users for passwords, easy to steal passwords, and easy to share passwords. The most effective controls for exacting accountability include a policy, authorization scheme, identification and authentication controls, access controls, audit trails, and auditing.

216. Which of the following statements is not true in electronic authentication?

a. The registration authority and the credential service provider may be the same entity

b. The verifier and the relying party may be the same entity

c. The verifier, credential service provider, and the relying party may be separate entities

d. The verifier and the relying party may be separate entities

216. a. The relationship between the registration authority (RA) and the credential service provider (CSP) is a complex one with an ongoing relationship. In the simplest and perhaps the most common case, the RA and CSP are separate functions of the same entity. However, an RA might be part of a company or organization that registers subscribers with an independent CSP, or with several different CSPs. Therefore, a CSP may be an integral part of an RA, or it may have relationships with multiple independent RAs, and an RA may have relationships with different CSPs as well.

The statements in the other three choices are true. The party to be authenticated is called a claimant (subscriber) and the party verifying that identity is called a verifier. When a subscriber needs to authenticate to perform a transaction, he becomes a claimant to a verifier. A relying party relies on results of an online authentication to establish the identity or attribute of a subscriber for the purpose of some transaction. Relying parties use a subscriber’s authenticated identity and other factors to make access control or authorization decisions. The verifier and the relying party may be the same entity, or they may be separate entities. In some cases the verifier does not need to directly communicate with the CSP to complete the authentication activity (e.g., the use of digital certificates), which represents a logical link between the two entities rather than a physical link. In some implementations, the verifier, the CSP functions, and the relying party may be distributed and separated.

217. Location-based authentication techniques for transportation firms can be effectively used to provide which of the following?

a. Static authentication

b. Intermittent authentication

c. Continuous authentication

d. Robust authentication

217. c. Transportation firms can use location-based authentication techniques continuously, as there are no time and resource limits. It does not require any secret information to protect at either the host or user end. Continuous authentication is better than robust authentication, where the latter can be intermittent.

218. System administrators pose a threat to computer security due to their access rights and privileges. Which of the following statements is true for an organization with one administrator?

a. Masquerading by a system administrator can be prevented.

b. A system administrator’s access to the system can be limited.

c. Actions by the system administrator can be detected.

d. A system administrator cannot compromise system integrity.

218. c. Authentication data needs to be stored securely, and its value lies in the data’s confidentiality, integrity, and availability. If confidentiality is compromised, someone may use the information to masquerade as a legitimate user. If system administrators can read the authentication file, they can masquerade as another user. Many systems use encryption to hide the authentication data from the system administrators.

Masquerading by system administrators cannot be entirely prevented. If integrity is compromised, authentication data can be added, or the system can be disrupted. If availability is compromised, the system cannot authenticate users, and the users may not be able to work. Because audit controls would be out of the control of the administrator, controls can be set up so that improper actions by the system administrators can be detected in audit records. Due to their broader responsibilities, the system administrators’ access to the system cannot be limited. System administrators can compromise a system’s integrity; again their actions can be detected in audit records.

It makes a big difference whether an organization has one or more than one system administrator for separation of duties or for the “least privilege” principle to work. With several system administrators, a system administrator account could be set up for one person to have the capability to add accounts. Another administrator could have the authority to delete them. When there is only one system administrator employed, breaking up the duties is not possible.

219. Logical access controls provide a technical means of controlling access to computer systems. Which of the following is not a benefit of logical access controls?

a. Integrity

b. Availability

c. Reliability

d. Confidentiality

219. c. Computer-based access controls are called logical access controls. These controls can prescribe not only who or what is to have access to a specific system resource but also the type of access permitted, usually in software. Reliability is more of a hardware issue.