CompTIA Security Plus Mock Test Q872

A security administrator has been tasked to ensure access to all network equipment is controlled by a central server such as TACACS+. This type of implementation supports which of the following risk mitigation strategies?

A. User rights and permissions review
B. Change management
C. Data loss prevention
D. Implement procedures to prevent data theft

Correct Answer: A
Section: Access Control and Identity Management

Explanation:
Terminal Access Controller Access-Control System (TACACS, and variations like XTACACS and TACACS+) is a client/server-oriented environment, and it operates in a manner similar to RADIUS. Furthermore, TACACS+ allows credentials to be accepted from multiple methods. Thus, you can perform user rights and permission reviews with TACACS+.

Incorrect Answers:
B: Change management is the structured approach that is followed to secure a company’s assets and not a risk mitigation strategy.
C: Data loss prevention systems are used mainly to monitor the contents of systems and to make sure that key content is not deleted or removed.
D: Data theft prevention is similar to data loss prevention systems.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 9-10, 146