CCCS-203B · Question #235
CCCS-203B Question #235: Real Exam Question with Answer & Explanation
The correct answer is B. Use CIEM's Identity Analyzer to detect privileged accounts without MFA by analyzing policy and. Option A: This method is highly inefficient and prone to errors, especially in environments with numerous accounts. CIEM automates this process, saving time and reducing human error. Option B: CIEM's Identity Analyzer provides an automated approach to identify privileged accounts
Question
Options
- AManually review IAM policies and verify MFA settings for each account.
- BUse CIEM's Identity Analyzer to detect privileged accounts without MFA by analyzing policy and
- CDisable all accounts that have administrative privileges immediately.
- DRequire all users to reset their passwords and enable MFA immediately.
Explanation
Option A: This method is highly inefficient and prone to errors, especially in environments with numerous accounts. CIEM automates this process, saving time and reducing human error. Option B: CIEM's Identity Analyzer provides an automated approach to identify privileged accounts lacking MFA. It scans cloud configuration data and IAM policies, cross-referencing them with MFA settings. This method ensures accurate detection without manual intervention, enabling quick remediation of potential security risks. Option C: Disabling privileged accounts without prior analysis can disrupt critical business operations. CIEM allows for precise identification of accounts that pose risks due to missing MFA, ensuring targeted remediation. Option D: Forcing a blanket password reset and MFA enablement disrupts user workflows and may not address privileged accounts specifically. CIEM ensures a focused approach by targeting accounts that are privileged and lack MFA.
Community Discussion
No community discussion yet for this question.