Multiuser accounts and shared passwords inherently carry which of the following risks?
When multi-user accounts and shared passwords are used, the primary risk is unauthorized access. Shared passwords can easily be distributed and misused, leading to individuals gaining access to sensitive information or systems without proper authorization. While privilege escalation and other security vulnerabilities are concerns in general IT security, the defining issue with shared passwords is the potential for users who should not have access to get into the system.
correct answer - C
shared accounts and passwords increase the likelihood of an unauthorized access
Agreed. But it doesn't say "Shared Accounts" or "Shared Passwords"; it says "Multi-User" accounts, which implies they are authorized accounts set up for multiple users. For instance, on a process engineering station with a single login, a trainee logging on will likely have the same privileges as a supervisor on the account - hence privilege escalation. Poor question anyway.
Apologies, it does say "Shared Passwords" - rest of my point still stands.
Answer C
The principle of least privilege should be applied to all administrator or otherwise privileged accounts on both IT and OT, in order to reduce the risk of privilege escalation. This control should be measured by ensuring that the principle is being applied when granting privileges and confirming that no accounts are designated as domain administrators. * Apply principle of least privilege to all administrator / privileged accounts * Privilege escalation Unauthorized access * No user account should always have administrator or super-user privileges. IT and OT assets NIST CSF: PR.AC ISA 62443-2- 14.3.3.7.3 ISA 62443-3-3 1 https://www.cisa.gov/sites/default/files/publications/Common_Baseline_v2_Controls_List_508c.pdf Page 4
My apologies, please delete this comment, it should be C
It should be C
Answer C
I agree it's A - It escalates the privilege of some of the account users to the highest level required by any of the account multi-users. If someone is an approved user of a multi-user account, they have authorized access. But too much privilege.
clearly C