(ISC)2

CISSP · Question #557

CISSP Question #557: Real Exam Question with Answer & Explanation

The correct answer is C: Review.

Submitted by takeshi77 · Mar 5, 2026 · Identity and Access Management (IAM)

Question

Which of the following is a process in the access provisioning lifecycle that will MOST likely identify access aggregation issues?

Options

  • A. Test
  • B. Assessment
  • C. Review
  • D. Peer review

Explanation

In the access provisioning lifecycle, periodic access reviews are the primary mechanism for detecting access aggregation (privilege creep), where users accumulate excessive permissions over time.

Common mistakes.

  • A. Testing in the access provisioning lifecycle typically validates that provisioning workflows and controls function correctly, not that accumulated user entitlements are appropriate.
  • B. An assessment is generally a broader, one-time or periodic evaluation of security posture or risk, not a continuous lifecycle process focused on individual user entitlement aggregation.
  • D. Peer review in provisioning contexts typically involves a colleague validating a specific access request at the time it is made, which does not address the cumulative buildup of access rights over time.

Concept tested. Access review detecting privilege creep in IAM lifecycle

Reference. https://learn.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview

Topics

#access provisioning #access review #privilege aggregation #IAM lifecycle
