A security administrator is responsible for performing periodic reviews of user permission settings due to high turnover and internal transfers at a corporation. Which of the following BEST describes the procedure and security rationale for performing such reviews?

  • Ensure all users have adequate permissions and appropriate group memberships, so the volume of help desk calls is reduced
  • Review all user permissions and group memberships to ensure only the minimum set of permissions required to perform a job is assigned
  • Review the permissions of all transferred users to ensure new permissions are granted so the employee can work effectively
  • Ensure former employee accounts have no permissions so that they cannot access any network file stores and resources

CompTIA Security+ SY0-401
  • Network Security
  • Compliance and Operational Security
    • This question is filed here
  • Threats and Vulnerabilities
  • Application, Data and Host Security
  • Access Control and Identity Management
  • Cryptography