During a third-party audit, it is determined that a member of the firewall team can request, approve, and implement a new rule-set on the firewall. Which of the
following will the audit team most l likely recommend during the audit out brief?
A.
Discretionary access control for the firewall team
B.
Separation of duties policy for the firewall team
C.
Least privilege for the firewall team
D.
Mandatory access control for the firewall team