Which of the following statements reflects an industry-recommended best practice for managing privileged administrative accounts in an enterprise environment?
Multi-factor authentication is disabled on privileged accounts to avoid delays during maintenance windows.
Administrators share a common root or "superuser" password so they can collaborate quickly on urgent issues.
Each administrator uses unique, individually assigned credentials for privileged activities that are logged and auditable.
Privileged passwords are embedded (hard-coded) in automation scripts to prevent job failures.
The best practice is to assign each administrator a unique, individually issued set of privileged credentials that are monitored and auditable. This approach enforces individual accountability, produces clear audit trails, and allows credentials to be revoked promptly when an administrator changes roles or leaves the organization. Sharing accounts, hard-coding passwords in scripts, or disabling multi-factor authentication all increase the risk of compromise, impede forensic investigations, and violate modern PAM guidance.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are Privileged Account Management (PAM) solutions?
Open an interactive chat with Bash
What are the risks associated with sharing administrative credentials?
Open an interactive chat with Bash
What does the principle of least privilege mean?
Open an interactive chat with Bash
ISC2 CISSP
Identity and Access Management (IAM)
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access