A department head at a university resigned on the first day of the spring semester. It was subsequently determined that the department head deleted numerous files and directories from the server-based home directory while the campus was closed.
Which of the following policies or procedures could have prevented this from occurring?
A.
Time-of-day restrictions
B.
Permission auditing and review
C.
Offboarding
D.
Account expiration
poorly worded question. A department head would likely keep working even between semesters. No reason for their account to expire. If the question had been about an adjunct professor it would make more sense.
B would seem to be the correct answer. If this person’s credentials had been audited they would’ve discovered he had access to stuff and the ability to delete stuff that he shouldn’t have.
1
1
It retrospect, it probably is D because the question never says anything about him deleting things he shouldn’t have had access to. If he deleted things he was supposed to have access to, then an audit wouldn’t have prevented that.
D only makes sense if the employee would not have come into the office or done any work during break and his account would’ve expired at the end of the semester. That would make more sense if the employee was a temp (i.e. adjunct prof), but I suppose this is plausible. maybe.
0
0
When they say “WHILE THE CAMPUS WAS CLOSED” do they mean closed as in the end of a workday or closed as in for a month between semesters?
0
0
If he resigned, they should have performed “Offboarding”.
“Offboarding as a technical process is understood here as a software-supported process in personnel and identity management, which ensures the safe deactivation and documentation of the access rights of employees who have been relieved, thus preventing data misuse and theft. As part of computer security, the process will also ensure that access privileges are revoked when a person leaves, and may also cover other issues such as the recovery of equipment, keys and credit cards to ensure that security integrity be maintained.”
That being said…..Like you wrote earlier, this is a poorly worded question because did they “subsequently” discover the deletions that he did before he resigned (in which case B or C could be correct). or….The way I understand this question, he deleted stuff after he resigned and they “subsequently” found the deletions?
11
2
A doesn’t make sense – if he deleted stuff at night he could have deleted it in the morning.
B doesn’t fit as there is no indication this is not stuff he should be able to delete, and has nothing to do with him resigning or when he resigns. The part about “Home” directory suggests that he should have permission.
C doesn’t fit since there is no indication that he deleted the stuff after he resigned.
D doesn’t make any sense to me at all – why would an account expire while he’s still employed?
In short, I see no good answers. I would guess A assuming he deleted stuff at night and then resigned first thing in the morning, but it’s a bad answer, he could just as easily have deleted stuff first thing in the morning then resigned 5 minutes later.
2
1
I think JohnnyMac has got s valid point in here.
If C. Offboarding was properly followed, this would have never happened, as during offboarding user accounts are disable with immediate effect.
https://www.softwareadvice.com/resources/employee-offboarding-checklist/
2
1
I looked at couple of sites and there answer is C, Offboarding.
2
0
Does any one know how often the exams are changed. Or how different are the exams one from the other. Any suggestions on were I got for best study material.
0
0