Which of the following approaches would BEST meet the organization’s goals?

A system uses an application server and database server Employing the principle of least privilege, only database administrators are given administrative privileges on the database server, and only application team members are given administrative privileges on the application server. Audit and log file reviews are performed by the business unit (a separate group from the database and application teams).

The organization wants to optimize operational efficiency when application or database changes are needed, but it also wants to enforce least privilege, prevent modification of log files, and facilitate the audit and log review performed by the business unit.

Which of the following approaches would BEST meet the organization’s goals?
A . Restrict privileges on the log file directory to "read only" and use a service account to send a copy of these files to the business unit.
B . Switch administrative privileges for the database and application servers. Give the application team administrative privileges on the database servers and the database team administrative privileges on the application servers.
C . Remove administrative privileges from both the database and application servers, and give the business unit "read only" privileges on the directories where the log files are kept.
D . Give the business unit administrative privileges on both the database and application servers so they can Independently monitor server activity.

View Answer

Answer: A