SY0-501 Question #120: Real Exam Question with Answer & Explanation

Question

A company is terminating an employee for misbehavior. Which of the following steps is MOST important in the process of disengagement from this employee?

Options

• AObtain a list of passwords used by the employee.
• BGenerate a report on outstanding projects the employee handled
• CHave the employee surrender company identification.
• DHave the employee sign an NDA before departing

Explanation

When terminating an employee, especially for misbehavior, the most critical immediate security step is revoking physical access by having the employee surrender company identification (badges, keycards, etc.). This prevents the terminated employee from re-entering secured facilities.

Common mistakes.

• A. Obtaining a list of passwords used by the employee is less critical than revoking physical access, and proper security practice dictates that shared or system accounts should have passwords reset rather than collected from the departing employee.
• B. Generating a report on outstanding projects is an administrative and operational concern, not a security priority, and does not directly mitigate the immediate risk posed by a terminated employee with misbehavior.
• D. Having the employee sign an NDA after termination is generally not enforceable if it was not signed prior to or at the start of employment, and it is a legal measure rather than an immediate security control.

Concept tested. Employee offboarding physical access revocation security

Reference. https://www.nist.gov/privacy-framework/nist-sp-800-53

No community discussion yet for this question.