CompTIA Security Plus Mock Test Q975

A recent audit of a company’s identity management system shows that 30% of active accounts belong to people no longer with the firm. Which of the following should be performed to help avoid this scenario? (Select TWO).

A. Automatically disable accounts that have not been utilized for at least 10 days.
B. Utilize automated provisioning and de-provisioning processes where possible.
C. Request that employees provide a list of systems that they have access to prior to leaving the firm.
D. Perform regular user account review / revalidation process.
E. Implement a process where new account creations require management approval.

Correct Answer: B,D
Section: Access Control and Identity Management

Explanation:
Provisioning and de-provisioning processes can occur manually or automatically. Since the manual processes are so time consuming, the automated option should be used as it is
more efficient. Revalidating user accounts would determine which users are no longer active.

Incorrect Answers:
A: Disabling the accounts would work for users who would return, but these users will not be returning. Therefore, they must be removed.
C: This this option will tell which systems you need to access to manually remove users. This would take a long time, and might allow users to access those systems after they have
left.
E: Account creation is not the problem in this case. It is the fact that accounts aren’t being removed when users have left.

References:
https://technet.microsoft.com/en-us/library/dn487455.aspx