An individual moves from a customer support department to a product development unit. They continue to access ticketing system accounts and design repositories, including ones not typically associated with their new responsibilities. Which reason describes why they still have these privileges?
Legacy password rules remain active
The environment's sign-on system enforced multiple factors incorrectly
When access settings are not updated after a department shift, previous rights remain whenever group memberships from the old role remain in place. That is how the employee can still reach resources meant for the previous position. A password rule would not explain cross-department privileges, and truncated logs would not cause someone to retain access. Requiring multiple factors during sign-on adds authentication steps but does not remove old permissions.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is it important to update group memberships when an employee changes roles?
Open an interactive chat with Bash
What is the principle of least privilege, and how does it apply to this scenario?
Open an interactive chat with Bash
How can organizations prevent issues caused by outdated group memberships?