Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Isaca Exam Cybersecurity-Audit-Certificate Topic 1 Question 32 Discussion

Actual exam question for Isaca's Cybersecurity-Audit-Certificate exam
Question #: 32
Topic #: 1
[All Cybersecurity-Audit-Certificate Questions]

The administrator for a human resources (HR) system has access to the system as a user as well as support. Which of the following is the BEST control to help prevent intentional or accidental misuse of the privilege?

Show Suggested Answer Hide Answer
Suggested Answer: D

The best practice to prevent misuse of administrative privileges is to have administrators use a separate non-privileged account for routine tasks that do not require administrative rights. This reduces the risk of accidental changes or security breaches that could occur if the administrator's highly privileged account were compromised or misused during daily operations.

Reference= This control measure is aligned with the principle of least privilege and is commonly recommended in cybersecurity frameworks.While I cannot cite the Cybersecurity Audit Manual directly, similar guidelines are often included in cybersecurity literature and standards, including those from ISACA1. For specific references, please consult the ISACA Cybersecurity Audit resources.


by Thora at Nov 15, 2024, 04:38 AM

Limited Time Offer

25%

Off

Get Premium Cybersecurity-Audit-Certificate Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Shaniqua
5 months ago
But wouldn't requiring the administrator to create a separate non-privileged user account also help prevent misuse?
upvoted 0 times
...
Miesha
5 months ago
D sounds good too, but why not just go for the ultimate security with C?
upvoted 0 times
Willow
4 months ago
D) Require the administrator to create a separate non-privileged user account for user tasks.
upvoted 0 times
...
Isadora
4 months ago
C) Set up multi-factor authentication for privileged accounts.
upvoted 0 times
...
Arleen
5 months ago
A) Perform background checks on any users or support with administrator access.
upvoted 0 times
...
...
Lavina
5 months ago
I agree with Nana, it adds an extra layer of security.
upvoted 0 times
...
Darrin
5 months ago
Haha, I bet the administrator's password is 'password123'. C is the way to go for sure.
upvoted 0 times
...
Iesha
5 months ago
I agree with C. MFA is a must-have these days, especially for critical systems like HR.
upvoted 0 times
Anglea
4 months ago
Definitely, MFA is a great way to prevent unauthorized access to HR data.
upvoted 0 times
...
Evangelina
4 months ago
I also believe C is the best choice. It's important to have that extra authentication step.
upvoted 0 times
...
Thaddeus
5 months ago
I agree, MFA is essential for protecting sensitive information.
upvoted 0 times
...
Brynn
5 months ago
I think C is the best option. MFA adds an extra layer of security.
upvoted 0 times
...
...
Paris
5 months ago
C is definitely the best option. Multi-factor authentication is the gold standard for securing privileged accounts.
upvoted 0 times
Chu
4 months ago
Having that extra security measure in place can help prevent misuse of privileges.
upvoted 0 times
...
Crissy
4 months ago
I think setting up multi-factor authentication is a must for administrator access.
upvoted 0 times
...
Erick
4 months ago
It's important to have that extra verification step for privileged accounts.
upvoted 0 times
...
Pearly
5 months ago
I agree, multi-factor authentication adds an extra layer of security.
upvoted 0 times
...
...
Nana
5 months ago
I think setting up multi-factor authentication is the best control.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77