PrepAway - Latest Free Exam Questions & Answers

Which statement below is NOT correct about reviewing user accounts?

A.
User account reviews can examine conformity with the concept of least privilege.

B.
User account reviews cannot be conducted by outside auditors.

C.
User account reviews may be conducted on a system-wide basis.

D.
User account reviews may be conducted on an application-by-application basis.

Explanation:
It is necessary to regularly review user accounts on a system. Such reviews may examine the levels of
access each individual has, conformity with the concept of least privilege, whether all accounts are
still active, whether management authorizations are up to date, or whether required training has
been completed, for example. These reviews can be conducted on at least two levels: on an
application-by-application basis or on a system-wide basis. Both kinds of reviews can be conducted by,
among others, in-house systems personnel (a self-audit), the organization's internal audit staff, or
external auditors. Source: National Institute of Standards and Technology, An Introduction to
Computer Security: The NIST Handbook, Special Publication 800-12.

