Which statement below is NOT correct about reviewing user accounts?

seenagapeSeptember 13, 2013

PrepAway - Latest Free Exam Questions & Answers

A.
User account reviews can examine conformity with the concept of
least privilege.

B.
User account reviews cannot be conducted by outside auditors.

C.
User account reviews may be conducted on a system-wide basis.

D.
User account reviews may be conducted on an application-byapplication
basis.

Explanation:
It is necessary to regularly review user accounts on a system. Such
reviews may examine the levels of access each individual has,
conformity with the concept of least privilege, whether all accounts are
still active, whether management authorizations are up-to-date, or
whether required training has been completed, for examplE. These
reviews can be conducted on at least two levels: on an application-byapplication
basis or on a systemwide basis. Both kinds of reviews can
be conducted by, among others, in-house systems personnel (a selfaudit),
the organizations internal audit staff, or external auditors.
Source: National Institute of Standards and Technology, An Introduction
to Computer Security: The NIST Handbook Special Publication 800-12.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISC Exam Questions

Free ISC2 Study Guide

Which statement below is NOT correct about reviewing user accounts?

Leave a Reply Cancel reply