CompTIA Security Plus Mock Test Q974

Privilege creep among long-term employees can be mitigated by which of the following procedures?

A. User permission reviews
B. Mandatory vacations
C. Separation of duties
D. Job function rotation

Correct Answer: A
Section: Access Control and Identity Management

Privilege creep is the steady build-up of access rights beyond what a user requires to perform his/her task. Privilege creep can be decreased by conducting sporadic access rights
reviews, which will confirm each user’s need to access specific roles and rights in an effort to find and rescind excess privileges.

Incorrect Answers:
B: Mandatory vacations require each employee to be on vacation for a minimal amount of time each year. During this time a different employee sits at their desk and performs their
work tasks.
C: Separation of duties divides administrator or privileged tasks into separate groupings.
D: Job function rotation allows for employees to be knowledgeable about another employee’s job function in the event that an employee is sick or on vacation.

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 81, 82, 294