CompTIA Security Plus Mock Test Q618

An auditor’s report discovered several accounts with no activity for over 60 days. The accounts were later identified as belonging to contractors who would be returning in three months and would need to resume their activities. Which of the following would mitigate and secure the auditor’s finding?

A. Disable unnecessary contractor accounts and inform the auditor of the update.
B. Reset contractor accounts and inform the auditor of the update.
C. Inform the auditor that the accounts belong to the contractors.
D. Delete contractor accounts and inform the auditor of the update.


Correct Answer: A
Section: Threats and Vulnerabilities

Explanation:
A disabled account cannot be used. Whenever an employee leaves a company, the employee’s user account should be disabled. The question states that the accounts belong to contractors who would be returning in three months. It is therefore easier to keep the accounts than to delete them, which would require recreating them in three months’ time. By disabling the accounts, we can ensure that they cannot be used; in three months, when the contractors are back, we can simply re-enable the accounts.

Incorrect Answers:
B: Resetting an account is typically something you would do with a computer account rather than a user account. Resetting an account clears the security identifier associated with the account which effectively creates a different account with the same name. This would prevent any access to resources that was granted to the original account. Disabling the accounts would be a better solution.
C: Informing the auditor that the accounts belong to the contractors would not prevent access to the accounts for the three months until the contractors return. This answer does not improve security and is therefore incorrect.
D: It would be easier to keep the accounts than to delete them, since deleted accounts would have to be recreated in three months’ time when the contractors return. By disabling the accounts, we can ensure that the accounts cannot be used; then in three months, when the contractors are back, we can simply re-enable the accounts.