Network Security Audit: Firewall Team Privileges and Recommendations

The Importance of Firewall Rule-Set Authorization and Implementation


Question

During a third-party audit, it is determined that a member of the firewall team can request, approve, and implement a new rule-set on the firewall.

Which of the following will the audit team most likely recommend during the audit out brief?

Answers

Explanations


A. B. C. D.

B.

The scenario described in the question suggests that there is a lack of proper controls and segregation of duties in the firewall team. This means that an individual in the team has the ability to request, approve, and implement a new rule-set on the firewall without any oversight.

To address this issue, the audit team is likely to recommend implementing a separation of duties policy for the firewall team. Separation of duties is a principle that requires that no single individual should have complete control over a critical task or process. In this case, the ability to request, approve, and implement a new rule-set on the firewall is a critical task that should be split among different individuals.

By implementing a separation of duties policy, the responsibilities for requesting, approving, and implementing new rule-sets will be assigned to different individuals within the team. This will ensure that no single individual has complete control over the firewall rules and prevent any potential abuse of privilege.

In contrast, the other options presented in the question may not be as effective in addressing the issue. Discretionary access control (DAC) provides the owner of a resource with control over who can access it, but it does not address the issue of having a single individual with too much control. Least privilege is a principle that requires users to be given only the minimum access necessary to perform their duties, but it does not address the issue of segregation of duties.

Mandatory access control (MAC) is a more strict access control mechanism that is often used in high-security environments, but it may not be practical for a firewall team. MAC requires that access to resources is determined by a central authority based on a set of predefined rules. This can be cumbersome and time-consuming to implement, and may not be necessary for the situation described in the question.

Therefore, based on the scenario presented in the question, the audit team is likely to recommend implementing a separation of duties policy for the firewall team.
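One way an auditor or change-management tool could check firewall change records for the condition described above, as an added example that is not part of the original page. The record fields (requested_by, approved_by, implemented_by), the ticket ids and the user names are constructed assumptions, not a real ticketing system's schema.

```python
from collections import defaultdict

# The three duties named in the audit finding; field names are assumed.
STAGES = ("requested_by", "approved_by", "implemented_by")

# Constructed sample change records for illustration only.
CHANGES = [
    {"id": "CHG-001", "requested_by": "alice", "approved_by": "bob", "implemented_by": "carol"},
    {"id": "CHG-002", "requested_by": "dave", "approved_by": "Dave", "implemented_by": "dave"},
    {"id": "CHG-003", "requested_by": "alice", "approved_by": "bob", "implemented_by": "alice"},
    {"id": "CHG-004", "requested_by": "erin", "approved_by": None, "implemented_by": "carol"},
]

def audit_change(change):
    """Return the separation-of-duties findings for one change record."""
    findings = []
    stages_by_actor = defaultdict(list)
    for stage in STAGES:
        who = change.get(stage)
        if not who:
            # A stage with no recorded actor cannot be shown to be independent.
            findings.append(f"missing {stage}")
        else:
            # Normalise so "Dave" and "dave" count as the same person.
            stages_by_actor[who.strip().lower()].append(stage)
    for who, stages in stages_by_actor.items():
        if len(stages) > 1:
            findings.append(f"{who} held {'+'.join(stages)}")
    return findings

def audit(changes):
    """Map change id -> findings, listing only the changes that have any."""
    return {c["id"]: f for c in changes if (f := audit_change(c))}

def may_implement(change, user):
    """Preventive gate: allow the push only for an approved change whose
    requester and approver are both someone other than the implementer."""
    user = user.strip().lower()
    requester = (change.get("requested_by") or "").strip().lower()
    approver = (change.get("approved_by") or "").strip().lower()
    return bool(approver) and user not in (requester, approver)

if __name__ == "__main__":
    for change_id, findings in audit(CHANGES).items():
        print(change_id, "->", "; ".join(findings))
```

audit() is the detective control an auditor would run over historical records; may_implement() is the preventive form, called before a rule-set is pushed.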