A security administrator is advocating for enforcement of a new policy that would require employers with privileged access accounts to undergo periodic inspections and review of certain job performance data. To which of the following policies is the security administrator MOST likely referring?
A. Background investigation
B. Mandatory vacation
C. Least privilege
D. Separation of duties
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
 |
The question is asking about security policies. So we need to ensure privileged users go thru periodic inspection and make sure they have the permissions needed for their job roles. Thats in the least privilege policy. So is C.
https://thycotic.com/solutions/least-privilege-policy/
To comply with regulations and reduce your risk, you need a least privilege policy that removes excessive privileges. C.
Think it is actually B:
From the Official CASP Study Guide: “Mandatory Vacation: …”During that time, your corporate audit and security teams have time to investigate and discover any discrepancies in employee activity.”
Agree that least privilege is something that will be evaluated, however I think what the questions is getting at is the exact policy that enforces the inspection.
I agree, B: Manadatory Vacation to undergo periodic inspections and review of certain job performance
I am reviewing questions and my previous answers. I agree with you, B is the best answer.
C
Agreed.