An internal auditor is concerned with privilege creep that is associated with transfers inside the company.
Which mitigation measure would detect and correct this?

A. User rights reviews
B. Least privilege and job rotation
C. Change management
D. Change Control
Explanation:
A privilege audit is used to determine that all groups, users, and other accounts have the appropriate
privileges assigned according to the policies of an organization. This means that a user rights review will
reveal whether user accounts have been assigned privileges according to their 'new' job descriptions, or
whether privilege creep has occurred after transfers.
Incorrect Answers:
B: Least privilege is applied when permissions are assigned, and job rotation means that people rotate
through jobs. These measures will not detect privilege creep; rather, they would present opportunities
for privilege creep.
C: Change management is the structured approach that is followed to secure a company's assets.
D: Change control does not allow one to detect privilege creep.
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 9-10, 20