A recent audit has revealed that several users have retained permissions to systems they should
no longer have rights to after being promoted or changed job positions. Which of the following
controls would BEST mitigate this issue?
A.
Separation of duties
B.
User account reviews
C.
Group based privileges
D.
Acceptable use policies
Explanation:
B.
1
0
Definitely B.
1
0
Separation of duties policies are designed to reduce the risk of fraud and to prevent other losses in an organization by requiring more than one person to accomplish key processes.
I don’t see why the answer is A. It is definitely B.
1
0
B
1
0
The problem in here is that of access.
In AD, access is best managed by the use of Group Membership.
Group Policy is a hierarchical infrastructure that allows a network administrator in charge of Microsoft’s Active Directory to implement specific configurations for users and computers. Group Policy can also be used to define user, security and networking policies at the machine level.
So I can create a group called SALES. If someone moves from SALES and goes to HR, I can then remove the person from the SALES group and then add the person to the HR group. This is the best way to manage access
So to my mind the best answer is C.Group based privileges
0
0