Security Basics mailing list archives

Conflict of interests

From: s0h0us () yahoo com
Date: Mon, 4 May 2009 12:16:45 -0600

As a security guy, not part of the IT department, I require a level of access in order to perform my job. Certain types 
of tools require privileged access in order to work. Like having domain admin access and/or similar privileged access 
for unix and linux systems. Is it reasonable to request this type of access without causing any type of conflict of 
interest that internal auditors might question? I guess audit trails would come in handy here.
Thanks for the feedback.

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Learn all of the latest penetration testing techniques in InfoSec Institute's Ethical Hacking class. 
Totally hands-on course with evening Capture The Flag (CTF) exercises, Certified Ethical Hacker and Certified 
Penetration Tester exams, taught by an expert with years of real pen testing experience.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------

Current thread:

Conflict of interests s0h0us (May 04)
- RE: Conflict of interests Ian Bradshaw (May 05)
- RE: Conflict of interests Nick Vaernhoej (May 05)
- Re: Conflict of interests Sebastien MAHIEUX (May 05)
- Message not available
  - Re: Conflict of interests s0h0us (May 05)
    - RE: Conflict of interests James Flaherty (May 05)
- RE: Conflict of interests James Flaherty (May 05)
- Re: Conflict of interests David Schekaiban (May 05)
- Re: Conflict of interests Richard Thomas (May 05)
  - Re: Conflict of interests s0h0us (May 05)
    - Re: Conflict of interests Richard Thomas (May 05)

(Thread continues...)