SY0-501 · Question #53
SY0-501 Question #53: Real Exam Question with Answer & Explanation
The correct answer is D: Account expiration policy. To prevent misuse of a stale administrator account, an account expiration policy is the most effective technical control, as it ensures inactive accounts are automatically disabled.
Question
During a routine audit, it is discovered that someone has been using a stale administrator account to log into a seldom used server. The person has been using the server to view inappropriate websites that are prohibited to end users. Which of the following could best prevent this from occurring again?
Options
- ACredential management
- BGroup policy management
- CAcceptable use policy
- DAccount expiration policy
Explanation
To prevent misuse of a stale administrator account, an account expiration policy is the most effective technical control, as it ensures inactive accounts are automatically disabled.
Common mistakes.
- A. Credential management focuses on protecting active credentials and their secure handling, but it does not specifically prevent a stale account from remaining active and being misused.
- B. Group Policy Management is a tool used to configure various settings, including account policies, but it is not the specific preventative policy itself that directly addresses account staleness.
- C. An acceptable use policy defines expected behavior and outlines prohibitions, but it is a governance control that does not technically prevent an active, stale account from being exploited.
Concept tested. Account lifecycle management and expiration policies
Community Discussion
No community discussion yet for this question.