Quiz: Least Privilege

2 questions

L1 (2 questions)

1. What is the principle of least privilege? Give one concrete Linux example.

Answer: Grant only the minimum permissions needed for a task. Example: instead of giving a deploy user full sudo, use sudoers to allow only 'systemctl restart myapp'. Or use Linux capabilities (cap_net_bind_service) instead of running as root.

2. How do you audit which sudo commands a user has run?

Answer: Check /var/log/auth.log (Debian) or /var/log/secure (RHEL). All sudo executions are logged with user, command, and timestamp. For centralized auditing, ship logs to a SIEM. Also: sudo -l shows what a user is allowed to run.