nerdexam
CompTIA

SY0-301 · Question #587

Which of the following is the BEST approach to perform risk mitigation of user access control rights?

The correct answer is B. Perform routine user permission reviews.. Routine user permission reviews (Option B) are the best practice for mitigating risk in access control. Over time, users accumulate permissions beyond what they need (privilege creep), and periodic reviews ensure access rights align with current job roles and the principle of lea

Security program management and oversight

Question

Which of the following is the BEST approach to perform risk mitigation of user access control rights?

Options

  • AConduct surveys and rank the results.
  • BPerform routine user permission reviews.
  • CImplement periodic vulnerability scanning.
  • DDisable user accounts that have not been used within the last two weeks.

How the community answered

(45 responses)
  • A
    9% (4)
  • B
    87% (39)
  • C
    2% (1)
  • D
    2% (1)

Explanation

Routine user permission reviews (Option B) are the best practice for mitigating risk in access control. Over time, users accumulate permissions beyond what they need (privilege creep), and periodic reviews ensure access rights align with current job roles and the principle of least privilege. Option A (Conduct surveys) is not a recognized or effective security control for access rights. Option C (Periodic vulnerability scanning) identifies technical vulnerabilities in systems, not misassigned user permissions. Option D (Disabling accounts unused for two weeks) is overly aggressive-two weeks is too short a threshold and would disrupt legitimate users on leave, while not addressing active accounts with excessive permissions. Regular access reviews directly address the risk of inappropriate access rights.

Topics

#user access review#access control#risk mitigation#permission management

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice