ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-003 All Questions

View all questions & answers for the CAS-003 exam
Go to Exam

Exam CAS-003 topic 1 question 254 discussion

Actual exam question from CompTIA's CAS-003
Question #: 254
Topic #: 1
[All CAS-003 Questions]

A security administrator is advocating for enforcement of a new policy that would require employers with privileged access accounts to undergo periodic inspections and review of certain job performance data. To which of the following policies is the security administrator MOST likely referring?

  • A. Background investigation
  • B. Mandatory vacation
  • C. Least privilege
  • D. Separation of duties
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by D1960 at July 9, 2020, 9:39 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Big_Wes
3 years, 1 month ago
Selected Answer: B
job performance, How else but mando Vacay
upvoted 1 times
...
theguru
3 years, 4 months ago
It is not "Least privilege" for sure. The question is talking about 2 things: "undergo periodic inspections and review of certain job performance data." ....See, "and review of certain job performance data"... what best option will allow the employer to perform that part than Mandatory vacation?. So, if you just limit your comprehension of the question to " would require employers with privileged access accounts to undergo periodic inspections", yeah, you will probably choose C as your answer...but that's not it.
upvoted 2 times
...
chris1025
3 years, 7 months ago
The answer is least privilege. They are reviewing privileged accounts to ensure they have the right access for their role. For example if someone is transferred or promoted, you would want to review their access to ensure it's not too much or too little for their job.
upvoted 1 times
...
Aixelsyd
3 years, 10 months ago
Mandatory vacations focus on fraudulent activity, where as this question is asking about the job performance of those with administrative privileges.
upvoted 2 times
D1960
3 years, 8 months ago
Might be splitting hairs, but by "job performance" they may not mean how well you did your job, but how you went about about performing your job. Maybe you assigned permissions in a way that did not make sense, and might be a little suspicious.
upvoted 1 times
D1960
3 years, 8 months ago
Either way, I don't suppose a mandatory vacation would be necessary.
upvoted 1 times
...
...
...
infosec208
4 years ago
Agree with CragShield. B is the only thing it can be.
upvoted 1 times
...
Trap_D0_r
4 years, 2 months ago
C is correct.
upvoted 2 times
D1960
4 years ago
Least privilege means you are not given access to anything you do not need access to, in order to do your job. This is simply a precautionary measure, and is based on your job description, not a "periodic inspections and review of certain job performance data."
upvoted 1 times
...
...
TheThreatGuy
4 years, 2 months ago
I think the answer is correct here. If we do a review of the users performance data (what they have done) we are better able to determine what they need, and can review their rights / limit their privileges
upvoted 2 times
...
CragShield
4 years, 2 months ago
B. Mandatory Vacation. A background investigation is done before your employment and is supplemented by periodic security reviews. During a mandatory vacation is when privileged account access can be audited and reviewed to find discrepancies or evidence of fraud/maleficence.
upvoted 2 times
D1960
4 years ago
Mandatory vacation has nothing to do with periodic inspections and review of certain job performance data. There is no reason an employee has to be on vacation to review job performance. The reasons for mandatory vacation have nothing to do with inspecting job performance.
upvoted 1 times
...
D1960
4 years ago
Is a "periodic security reviews" so completely different than "periodic inspections and review of certain job performance data?" especially when such "periodic inspections" are being advocated by the security administrator? I doubt the security administration is advocating such inspection to see if you should get a raise.
upvoted 1 times
...
D1960
3 years, 8 months ago
Why must the admin be on vacation for "periodic inspections and review of certain job performance data?" This is going to be part of the company policy, apparently a routine matter, not part of a fraud investigation.
upvoted 1 times
...
...
D1960
4 years, 9 months ago
A. Background investigation Just look up the definitions of "background investigation" and "least privilege"
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago