A security administrator is responsible for performing periodic reviews of user permission settings due to high
turnover and internal transfers at a corporation. Which of the following BEST describes the procedure and
security rationale for performing such reviews?
Review all user permissions and group memberships to ensure only the minimum set of permissions
required to perform a job is assigned.
Review the permissions of all transferred users to ensure new permissions are granted so the employee
can work effectively.
Ensure all users have adequate permissions and appropriate group memberships, so the volume of help
desk calls is reduced.
Ensure former employee accounts have no permissions so that they cannot access any network file stores
Reviewing user permissions and group memberships form part of a privilege audit is used to determine that all
groups, users, and other accounts have the appropriate privileges assigned according to the policies of the