CompTIA Security Plus Mock Test Q266

A security administrator is responsible for performing periodic reviews of user permission settings due to high turnover and internal transfers at a corporation. Which of the following BEST describes the procedure and security rationale for performing such reviews?

A. Review all user permissions and group memberships to ensure only the minimum set of permissions required to perform a job is assigned.
B. Review the permissions of all transferred users to ensure new permissions are granted so the employee can work effectively.
C. Ensure all users have adequate permissions and appropriate group memberships, so the volume of help desk calls is reduced.
D. Ensure former employee accounts have no permissions so that they cannot access any network file stores and resources.

Correct Answer: A
Section: Compliance and Operational Security

Reviewing user permissions and group memberships form part of a privilege audit is used to determine that all groups, users, and other accounts have the appropriate privileges assigned according to the policies of the corporation.

Incorrect Answers:
B: Reviewing the permissions of the transferred users does not address the high turnover of staff only the transfers.
C: Employing measures to ease the help desks work load is not reason to review user permission settings.
D: Ensuring all former employee user accounts have no permissions only address the employees that left and not the transfers.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 9-10