CISSP Practice Question (Domain 5: Identity and Access Management)
A long-tenured engineer has accumulated access across six business units through internal transfers. A recent audit flagged the account as having excessive privileges, but managers insist the access is "needed for cross-functional projects." What should you do FIRST?
A. Disable unused entitlements based on the last 90 days of activity logs
B. Initiate a formal access recertification with each respective data owner
C. Implement a role-based access control model to replace direct grants
D. Escalate to HR to enforce a job description review
Come back for the answer tomorrow, or study more now!
Vincent Primiani
CISSP Study Group
skool.com/cybersecurity-study-group