CompTIA Security Plus Mock Test Q608

How often, at a MINIMUM, should Sara, an administrator, review the accesses and rights of the users on her system?

A.
Annually
B. Immediately after an employee is terminated
C. Every five years
D. Every time they patch the server


Correct Answer: A
Section: Threats and Vulnerabilities

Explanation:
Reviewing the accesses and rights of the users on a system at least annually is acceptable practice. More frequently would be desirable but too frequently would be a waste of administrative time.

Incorrect Answers:
B: You could check that a user hasn’t accessed your system after the user has been terminated. However, this question is asking about all users. It is unnecessary to check the accesses and rights of all users every time one user is terminated.
C: Every five years is too long. You should check the accesses and rights of the users on a system at least annually.
D: It is unnecessary to check the accesses and rights of the users on a system every time the system is patched. This would be a waste of administrative time.