Joe, an employee, reports to the security manager that several files in a research and development folder that
only JOE has access to have been improperly modified. The modified data on the files in recent and the
modified by account is Joe’s. The permissions on the folder have not been changed, and there is no evidence
of malware on the server hosting the folder or on Joe’s workstation. Several failed login attempts to Joe’s
account were discovered in the security log of the LDAP server.
Given this scenario, which of the following should the security manager implement to prevent this in the future?
Generic account prohibition
User access reviews