A security administrator is drafting a new policy for reviewing user account permissions to enforce the principle of least privilege. What is the MOST important factor in determining the frequency of these reviews?
The total number of user accounts in the directory.
A mandatory daily schedule as required by all security best practices.
A risk-based approach considering data sensitivity and compliance requirements.
The frequency of user account permission reviews should be determined by a risk-based approach. This involves analyzing the sensitivity of the data, the criticality of the systems, and any applicable regulatory or compliance requirements (such as PCI DSS, SOX, or HIPAA). While factors like the number of users might influence the workload, they do not dictate the required frequency. High-risk systems with sensitive data require more frequent reviews (e.g., quarterly), while lower-risk systems may be reviewed less often (e.g., semi-annually or annually). A mandatory daily schedule is not a standard best practice and is generally impractical.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is auditing user account permissions important?
Open an interactive chat with Bash
What does the principle of least privilege mean?
Open an interactive chat with Bash
How should an organization determine the frequency of user account audits?