CERTIFIED-IN-CYBERSECURITY · Question #191
CERTIFIED-IN-CYBERSECURITY Question #191: Real Exam Question with Answer & Explanation
The correct answer is A: Account review. Account review is a process used to verify that employees have the necessary privileges considering their roles within the organization (see ISC2 Study Guide, Module 1, under Privileged Access Management). It involves periodically reviewing the permissions granted to each user ac
Question
What process should the company undertake to verify that an employee has the necessary privileges, considering their roles in HR, payroll, and customer service?
Options
- AAccount review
- BRe-provisioning
- CPrivilege creep
- DAccount revocation
Explanation
Account review is a process used to verify that employees have the necessary privileges considering their roles within the organization (see ISC2 Study Guide, Module 1, under Privileged Access Management). It involves periodically reviewing the permissions granted to each user account and ensuring they are still relevant and necessary. This process can help prevent privilege creep, the gradual accumulation of access privileges beyond what is required for an employee's current job responsibilities. Re-provisioning involves reassigning privileges to an employee who has changed roles, while account revocation is the process of revoking an account's access privileges.
Topics
Community Discussion
No community discussion yet for this question.