Implementing Cisco Service Provider Advanced Solutions (SPCOR2) — Question 14
Which computer security concept is violated when a web server is written that uses the "root" account for all interactions with a Linux system?
Answer options
- A. RBAC
- B. PermitRootLogin
- C. certificate-based authentication
- D. principle of least privilege
Correct answer: D
Explanation
The principle of least privilege states that users and processes should operate using the least amount of privilege necessary to perform their tasks. Using the 'root' account for all web server interactions grants excessive permissions, increasing the risk of security breaches. The other options, while related to security, do not directly address the misuse of privileges as clearly as the principle of least privilege does.