Question states: ensure user access is MAINTAINED on a least-privilege basis? - surely recertification of access is the most appropriate answer here? (B).
B. User recertification.
User recertification is a process in which an organization regularly reviews and verifies the access rights and privileges of its users. This process helps ensure that users have only the access they need to perform their job functions, in line with the principle of least privilege. It involves checking and confirming that the access levels granted to users are still appropriate, and any unnecessary or excessive privileges are revoked. User recertification is a proactive and systematic approach to maintaining least privilege and reducing the risk of unauthorized access.
D - User authorization is Correct.
As a principle, least privilege falls under the second A in an information security framework known as AAA —authentication, authorization, and accounting (or accountability)
The correct answer is B. User access recertification is the process of continually auditing users' permissions to make sure they have access only to what they need.
upvoted 4 times
...
This section is not available anymore. Please use the main Exam Page.CRISC Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Cranium
Highly Voted 2 years, 10 months agoStaanlee
Most Recent 7 months, 1 week agoCbtL
1 year agoKoulyo
1 year agoKoulyo
1 year agojohn_boogieman
1 year, 2 months agoThuylt12
1 year, 3 months agoCeecil1959
2 years, 1 month agoCeecil1959
1 year, 11 months agoRaj1510
2 years, 3 months agoForee
2 years, 5 months ago