SY0-301 · Question #290
An administrator notices that former temporary employees' accounts are still active on a domain. Which of the following can be implemented to increase security and prevent this from happening?
The correct answer is D. Run a last logon script to look for inactive accounts.. Running a last logon script automates the detection of accounts that have not been used within a defined period, allowing the administrator to identify and disable stale accounts (like those belonging to former temporary employees). This is the best available option for proactive
Question
An administrator notices that former temporary employees' accounts are still active on a domain. Which of the following can be implemented to increase security and prevent this from happening?
Options
- AImplement a password expiration policy.
- BImplement an account expiration date for permanent employees.
- CImplement time of day restrictions for all temporary employees.
- DRun a last logon script to look for inactive accounts.
How the community answered
(25 responses)- A12% (3)
- B4% (1)
- C8% (2)
- D76% (19)
Explanation
Running a last logon script automates the detection of accounts that have not been used within a defined period, allowing the administrator to identify and disable stale accounts (like those belonging to former temporary employees). This is the best available option for proactively catching and remediating forgotten active accounts. A password expiration policy (A) forces password resets but does not deactivate unused accounts. Option B applies account expiration to permanent employees, which is the wrong population - it does not address temporary workers. Time of day restrictions (C) limit when temporary employees can log in but do not deactivate accounts when their employment ends.
Topics
Community Discussion
No community discussion yet for this question.