An administrator was asked to review user accounts. Which of the following has the potential to cause the MOST amount of damage if the account was compromised?
A. A password that has not changed in 180 days B. A single account shared by multiple users C. A user account with administrative rights D. An account that has not been logged into since creation
Explanation: A user account with administrative rights has the same rights as an administrator account on a computer. An administrator account is a user account that lets you make changes that will affect other users. Administrators can change security settings, install software and hardware, and access all files on the computer. Administrators can also make changes to other user accounts. This compares to a standard user (non-administrative) account which has limited rights on a computer. For example, a standard user account cannot install software, cannot make system changes that would affect other users and cannot access other users’ files. Therefore, a compromised user account with administrative rights has the potential for the most damage.
A small business owner is looking to assign users to a Windows group level. They have the following requirements for these users, and stress that they should receive no more privileges than necessary: The users should not be able to change passwords for higher level accounts. The users need the ability to install software. The users cannot create new accounts for others. Which of the following group levels will BEST meet these needs?
A. Remote Desktop Users B. Power Users C. Standard Users D. Administrators