A security administrator is responsible for performing periodic reviews of user permission settings due to
high turnover and internal transfers at a corporation. Which of the following BEST describes the
procedure and security rationale for performing such reviews?

A. Review all user permissions and group memberships to ensure only the minimum set of permissions
required to perform a job is assigned.
B. Review the permissions of all transferred users to ensure new permissions are granted so the
employee can work effectively.
C. Ensure all users have adequate permissions and appropriate group memberships, so the volume of
help desk calls is reduced.
D. Ensure former employee accounts have no permissions so that they cannot access any network file
stores and resources.
Explanation:
Reviewing user permissions and group memberships forms part of a privilege audit, which is used to
determine that all groups, users, and other accounts have the appropriate privileges assigned according
to the policies of the corporation.
Incorrect Answers:
B: Reviewing the permissions of the transferred users does not address the high turnover of staff, only
the transfers.
C: Employing measures to ease the help desk's workload is not a reason to review user permission settings.
D: Ensuring all former employee user accounts have no permissions only addresses the employees that left
and not the transfers.
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 9-10