A security administrator notices that a specific network administrator is making unauthorized changes to
the firewall every Saturday morning. Which of the following would be used to mitigate this issue so that
only security administrators can make changes to the firewall?

A.
Mandatory vacations

B.
Job rotation

C.
Least privilege

D.
Time of day restrictions

Explanation:
A least privilege policy is to give users only the permissions that they need to do their work and no more.
That is only allowing security administrators to be able to make changes to the firewall by practicing the
least privilege principle.
Incorrect Answers:
A: A mandatory vacation policy requires all users to take time away from work to refresh.
B: Job rotation is used to supply redundancy insofar as abilities are concerned so that the company is not
at risk of any one administrator. But in this case least privilege is the best practice that should be
followed.
D: Time of Day restrictions allows you to configure an account to allow account validity for a set time
period, but if the culprit is a network administrator then this configuration is within his/her account tights
to modify. As the security administrator you should assign only the least privilege principle in this case.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 151-154