(ISC)2

CERTIFIED-IN-CYBERSECURITY Question #115: Real Exam Question with Answer & Explanation

The correct answer is C: Trust but verify.

Access Controls Concepts

Question

Which of these is NOT a best practice in access management?

Options

  • A. Requesting a justification when upgrading permission
  • B. Periodically assessing whether user permissions still apply
  • C. Trust but verify
  • D. Giving only the right amount of permission

Explanation

The "Trust but verify" model is a method of threat protection that involves granting privileged accounts access to the network and other resources, while at the same time verifying their actions and activities. However, over time, this model was found to have limitations that expose organizations to a wide array of security threats. Therefore, "Trust but verify" is being progressively abandoned in favor of the Zero Trust model. The remaining options are all best practices of access management.

Topics

#Access Management #Least Privilege #Security Best Practices #User Permissions
