Understanding the Principle of Least Privilege


Objective:

Implement secure network administration procedures.

  • Implement the principle of least privilege.

Windows Server 2003 is inherently more secure right out of the box than any previous version of Windows. That fact does not relieve you of the responsibility to evaluate, implement, and audit security measures for Windows Server 2003 servers. In addition, you still need to be aware of the security problems that can affect Windows 2000, Windows XP, and legacy clients.

The use of security templates, which is discussed in the next section, combined with careful planning and attentive administration of the network, can enforce the principle of least privilege on a network. This principle means that users are given only the minimum privileges required to perform the specific set of tasks that they have been assigned.

If you use the principle of least privilege, a compromised user account has a smaller impact on the overall security of the network than a compromised account that holds permissions the user did not need. Ideally, all normal user operations should be carried out in the context of a regular user account. If additional privileges are required for a specific reason, the administrator can either log in to the network with a special account for the purpose of performing those actions or use the Run As command to perform those actions within the context of the account that has the additional privileges.
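
An added example, not taken from the book: a Python check that parses the output of `net localgroup Administrators` and lists members that are not on an approved list, which is how an everyday account holding administrative rights shows up in an audit. The sample output, the CONTOSO domain, the account names and the approved list are constructed assumptions.

```python
# Added example: audit local Administrators membership against an approved list.
# SAMPLE_OUTPUT is constructed; CONTOSO and all account names are hypothetical.

SAMPLE_OUTPUT = """\
Alias name     Administrators
Comment        Administrators have complete and unrestricted access to the computer/domain

Members

-------------------------------------------------------------------------------
Administrator
CONTOSO\\Domain Admins
CONTOSO\\adm-jdoe
CONTOSO\\jdoe
CONTOSO\\svc-backup
The command completed successfully.
"""

# Assumption: the accounts this site has approved to hold administrative rights.
APPROVED = {"administrator", "contoso\\domain admins", "contoso\\adm-jdoe"}


def parse_members(net_output):
    """Return the member names listed by `net localgroup <group>`."""
    members, in_list = [], False
    for line in net_output.splitlines():
        line = line.strip()
        if line.startswith("----"):
            in_list = True  # the member list starts after the dashed rule
        elif in_list:
            # A blank line or the completion message ends the member list.
            if not line or line.lower().startswith("the command completed"):
                break
            members.append(line)
    return members


def excess_members(net_output, approved=APPROVED):
    """Members holding admin rights that are not on the approved list."""
    # Windows account names are case-insensitive, so compare in lower case.
    return [m for m in parse_members(net_output) if m.lower() not in approved]


if __name__ == "__main__":
    for account in excess_members(SAMPLE_OUTPUT):
        print("not approved for Administrators:", account)
```

An account reported here is a candidate for removal from the group, with its owner using a separate administrative account or Run As for privileged tasks.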




MCSA/MCSE 70-291: Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure (Exam Prep)
ISBN: 0789736497
EAN: 2147483647
Year: 2006
Pages: 196
Authors: Will Schmied
