An internal auditor is concerned with privilege creep that is associated with transfers inside the company. Which mitigation measure would detect and correct this?

  • User rights reviews
  • Change control
  • Change management
  • Job rotations

CompTIA Security+ SY0-401
  • Network Security
  • Compliance and Operational Security
    • This question is filed here
  • Threats and Vulnerabilities
  • Application, Data and Host Security
  • Access Control and Identity Management
  • Cryptography