Greetings,
Most online sources recommend using a "domain account with limited privileges" instead of the local system account, as the account under which SQL Server's various services run. I am trying to understand specifically why this is so.

If I understand correctly, using the local system account limits anything an intruding user can do, to simply that PC, keeping them from being able to get anywhere else in the domain or network. A domain account, no matter how limited, still provides access to an intruder, outside the affected PC. I would much appreciate if someone could explain to me the specifics of why using a "domain account with limited privileges" is recommended, and exactly what the "limited privileges" are.

I am fairly new to SQL Server, my background is primarily in application and database development, and the security aspect has previously been handled by network staff.

Thanks,
Randy