Crucial Exams

ISC2 CISSP Practice Question

During a routine security audit, an organization discovers that several employees have access to sensitive financial data systems even though their roles do not require it. Which of the following practices should the organization implement to enhance control over logical access?

  • Implement role-based access control (RBAC) to align access permissions with job responsibilities.

  • Implement a temporary access pass system that requires regular renewals without specific role-based restrictions.

  • Allow department heads to grant access to their teams based on assessed needs.

  • Apply a standardized access control approach, assigning similar access rights to employees across different roles.

ISC2 CISSP
Identity and Access Management (IAM)
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot