Which of the following correctly describe “good” security practice?
A.
Accounts should be monitored regularly.
B.
You should have a procedure in place to verify password strength.
C.
You should ensure that there are no accounts without passwords.
D.
All of the choices.
Explanation:
In many organizations accounts are created and then nobody ever touches those accounts
again. This is a very poor security practice. Accounts should be monitored regularly,
you should look at unused accounts and you should have a procedure in place to ensure
that departing employees have their rights revoke prior to leaving the company. You
should also have a procedure in place to verify password strength or to ensure that
there are no accounts without passwords.