nerdexam
(ISC)2


CERTIFIED-IN-CYBERSECURITY Question #102: Real Exam Question with Answer & Explanation

The correct answer is A: Trust but verify.

Access Controls Concepts

Question

Which of these is NOT a best practice in access management?

Options

  • A. Trust but verify
  • B. Periodically assessing whether user permissions still apply
  • C. Giving only the right amount of permission
  • D. Requesting a justification when upgrading permission

Explanation

The "Trust but verify" model is a method of threat protection that involves granting privileged accounts access to the network and other resources, while at the same time verifying their actions and activities. However, over time, this model was found to have limitations that expose organizations to a wide array of security threats. Therefore, "Trust but verify" is being progressively abandoned in favor of the Zero Trust model. The remaining options are all best practices of access management.

Topics

#Access Management #Best Practices #Access Control Principles #Least Privilege
