CompTIA
SY0-301 · Question #576
SY0-301 Question #576: Real Exam Question with Answer & Explanation
The correct answer is A: Disable unnecessary contractor accounts and inform the auditor of the update. Inactive contractor accounts should be disabled rather than deleted: disabling removes the risk of unattended, still-active accounts while preserving the accounts (and their group memberships and permissions) for reactivation when the contractors return.
Question
An auditor's report discovered several accounts with no activity for over 60 days. The accounts were later identified as belonging to contractors who would be returning in three months and would need to resume their activities. Which of the following would mitigate and secure the auditor's finding?
Options
- A. Disable unnecessary contractor accounts and inform the auditor of the update.
- B. Reset contractor accounts and inform the auditor of the update.
- C. Inform the auditor that the accounts belong to the contractors.
- D. Delete contractor accounts and inform the auditor of the update.
Explanation
Inactive contractor accounts should be disabled rather than deleted. A disabled account cannot be used to authenticate, so it no longer offers an attacker a dormant, unmonitored foothold, which is what the auditor flagged; at the same time the account object, its group memberships and its permissions are retained, so it can simply be re-enabled when the contractor returns in three months. Informing the auditor closes the finding with evidence of the remediation.
Common mistakes.
- B. Resetting the passwords does not address the finding: the accounts remain enabled, and an enabled account with a fresh password is still an unattended account that can be misused.
- C. Simply informing the auditor without taking any remediation action does not mitigate the finding and leaves the inactive accounts as an ongoing risk.
- D. Deleting the accounts removes the risk but destroys the account objects along with their group memberships and permissions; when the contractors return, new accounts would have to be created and re-provisioned from scratch, unnecessary overhead when disabling is sufficient.
Concept tested. Lifecycle management of inactive user accounts
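The following Active Directory script illustrates the remediation the correct answer describes (find accounts inactive for 60 days, disable rather than delete them, record why, and produce evidence for the auditor). It is an added example, not code from the page or from CompTIA. It assumes the RSAT ActiveDirectory module is installed, that the contractor accounts live in an OU named `OU=Contractors,DC=example,DC=com`, and that 60 days is the policy threshold; both values are hypothetical.

```powershell
# Added example (not from the original page): disable, do not delete, user accounts
# with no logon in 60 days, and keep a record for the auditor.
# Assumes the ActiveDirectory (RSAT) module; the OU and threshold below are hypothetical.
Import-Module ActiveDirectory

$Threshold  = New-TimeSpan -Days 60
$SearchBase = 'OU=Contractors,DC=example,DC=com'   # assumed OU, adjust to your directory
$Today      = Get-Date -Format 'yyyy-MM-dd'

# Search-ADAccount -AccountInactive evaluates lastLogonTimestamp, which replicates
# between domain controllers with up to roughly 14 days of lag, so read the result as
# "inactive for at least 60 days", not an exact figure. Only currently enabled accounts matter.
$Inactive = Search-ADAccount -AccountInactive -TimeSpan $Threshold -UsersOnly -SearchBase $SearchBase |
    Where-Object { $_.Enabled }

foreach ($Account in $Inactive) {
    # -WhatIf shows what would change; remove it after reviewing the list to actually apply.
    Disable-ADAccount -Identity $Account.DistinguishedName -WhatIf

    # Record the reason and the return expectation on the object so nobody deletes it later.
    Set-ADUser -Identity $Account.DistinguishedName `
        -Description "Disabled $Today - inactive >60 days (audit finding). Contractor returning; re-enable on return, do not delete." `
        -WhatIf
}

# Evidence for the auditor: which accounts were disabled, when, and their last logon.
$Inactive |
    Select-Object SamAccountName, LastLogonDate, DistinguishedName |
    Export-Csv -Path ".\inactive-contractors-$Today.csv" -NoTypeInformation

# When a contractor returns, reactivation is a single step because the object was kept:
#   Enable-ADAccount -Identity <SamAccountName>
#   Set-ADUser -Identity <SamAccountName> -Description ''
```

Run it first with the `-WhatIf` switches in place to confirm the list matches the auditor's findings (service accounts and shared mailboxes sometimes show no interactive logon and should be excluded rather than disabled), then remove `-WhatIf` to apply. The exported CSV is the "inform the auditor of the update" part of the answer.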
Reference. https://learn.microsoft.com/en-us/azure/active-directory/governance/access-reviews-overview