SOL-C01 · Question #47
SOL-C01 Question #47: Real Exam Question with Answer & Explanation
The correct answer is A: Create custom roles with specific privileges required for their tasks and grant those roles to the. Options A and B are the most appropriate actions. A directly addresses the principle of least privilege by creating custom roles with specific privileges and revoking the 'ACCOUNTADMIN' role. Option B enhances the security posture by implementing MFA, reducing the risk of unautho
Question
A security auditor discovers that multiple users are using the 'ACCOUNTADMIN' role directly for their daily tasks. This violates the principle of least privilege. Which of the following actions should you take to remediate this situation? (Choose two)
Options
- ACreate custom roles with specific privileges required for their tasks and grant those roles to the
- BImplement Multi-Factor Authentication (MFA) for all users with the 'ACCOUNTADMIN' role to
- CEducate the users about the risks of using the 'ACCOUNTADMIN' role and instruct them to use it
- DGrant the 'SECURITYADMIN' role to these users instead of `ACCOUNTADMINS.
- ECreate a view that hides sensitive data and grant 'SELECT' on the view to users. Keep granting
Explanation
Options A and B are the most appropriate actions. A directly addresses the principle of least privilege by creating custom roles with specific privileges and revoking the 'ACCOUNTADMIN' role. Option B enhances the security posture by implementing MFA, reducing the risk of unauthorized access to the `ACCOUNTADMIN' role. Option C is a weak mitigation. Option D is not the correct approach, as 'SECURITYADMIN' still has broad privileges. E doesn't address the problem of over-privileging.
Topics
Community Discussion
No community discussion yet for this question.