CompTIA Exam Questions

Which mitigation measure would detect and correct this?

An internal auditor is concerned with privilege creep that is associated with transfers inside the
company. Which mitigation measure would detect and correct this?

User rights reviews

Least privilege and job rotation

Change management

Change Control

A privilege audit is used to determine that all groups, users, and other accounts have the
appropriate privileges assigned according to the policies of an organization. This means that a
user rights review will reveal whether user accounts have been assigned according to their β€˜new’
job descriptions , or if there are privilege creep culprits after transfers has occurred.