Which of the following correctly describe “good” security practice?
A.
Accounts should be monitored regularly.
B.
You should have a procedure in place to verify password strength.
C.
You should ensure that there are no accounts without passwords.
D.
All of the choices.
Explanation:
In many organizations accounts are created and then nobody ever touches those accounts again.
This is a very poor security practice. Accounts should be monitored regularly, you should look at
unused accounts and you should have a procedure in place to ensure that departing employees have
their rights revoke prior to leaving the company. You should also have a procedure in place to verify
password strength or to ensure that there are no accounts without passwords.