PrepAway - Latest Free Exam Questions & Answers

Which of the following could Ann implement to help identify accounts that are still active for terminated empl

Ann, a security analyst, has discovered that her company has very high staff turnover and often user
accounts are not disabled after an employee leaves the company. Which of the following could Ann
implement to help identify accounts that are still active for terminated employees?

PrepAway - Latest Free Exam Questions & Answers

A.
Routine audits

B.
Account expirations

C.
Risk assessments

D.
Change management

Explanation:
Routine audits are carried out after you have implemented security controls based on risk. These audits
include aspects such as user rights and permissions and specific events.
Incorrect Answers:
B: Account expiration is in essence the disablement of an account. This is not going to identify accounts
that are still active when it should have been terminated already.
C: Risk assessments are the initial and thereafter repeated process of evaluating the assets, threats and
risks of the company so that it can be used to guide the development of a security policy.
D: Change management is the structured approach that is followed to secure a company’s assets.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 293
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 10, 28, 369, 402


Leave a Reply