An auditor’s report discovered several accounts with no activity for over 60 days. The accounts were later
identified as belonging to contractors who would be returning in three months and would need to resume
their activities. Which of the following would mitigate and secure the auditor’s finding?

A. Disable unnecessary contractor accounts and inform the auditor of the update.
B. Reset contractor accounts and inform the auditor of the update.
C. Inform the auditor that the accounts belong to the contractors.
D. Delete contractor accounts and inform the auditor of the update.
Explanation:
A disabled account cannot be used. Whenever an employee leaves a company, the
employee’s user account should be disabled. The question states that the accounts belong to
contractors who would be returning in three months. Therefore, it would be easier to keep the accounts
rather than deleting them, which would require that the accounts be recreated in three months’ time. By
disabling the accounts, we can ensure that the accounts cannot be used; in three months when the
contractors are back, we can simply re-enable the accounts.
Incorrect Answers:
B: Resetting an account is typically something you would do with a computer account rather than a user
account. Resetting an account clears the security identifier associated with the account which effectively
creates a different account with the same name. This would prevent any access to resources that was
granted to the original account. Disabling the accounts would be a better solution.
C: Informing the auditor that the accounts belong to the contractors would not prevent access to the
accounts for the three months until the contractors return. This answer does not improve security and is
therefore incorrect.
D: It would be easier to keep the accounts rather than deleting them, which would require that the
accounts be recreated in three months’ time when the contractors return. By disabling the accounts, we
can ensure that the accounts cannot be used; then in three months when the contractors are back, we
can simply re-enable the accounts.