SY0-701 · Question #284
SY0-701 Question #284: Real Exam Question with Answer & Explanation
The correct answer is D: Securing domain administrator credentials in a PAM vault and controlling access with role-based. Using a Privileged Access Management (PAM) vault to secure domain administrator credentials and enforcing role-based access control (RBAC) is the most comprehensive solution. PAM systems help manage and control access to privileged accounts, ensuring that only authorized personne
Question
A security audit of an organization revealed that most of the IT staff members have domain administrator credentials and do not change the passwords regularly. Which of the following solutions should the security learn propose to resolve the findings in the most complete way?
Options
- ACreating group policies to enforce password rotation on domain administrator credentials
- BReviewing the domain administrator group, removing all unnecessary administrators, and rotating
- CIntegrating the domain administrator's group with an IdP and requiring SSO with MFA for all
- DSecuring domain administrator credentials in a PAM vault and controlling access with role-based
Explanation
Using a Privileged Access Management (PAM) vault to secure domain administrator credentials and enforcing role-based access control (RBAC) is the most comprehensive solution. PAM systems help manage and control access to privileged accounts, ensuring that only authorized personnel can access sensitive credentials. This approach also facilitates password rotation, auditing, and ensures that credentials are not misused or left unchanged. Integrating PAM with RBAC ensures that access is granted based on the user's role, further enhancing security.
Community Discussion
No community discussion yet for this question.