Which of the following is the BEST course of action?

A security analyst is performing a review of Active Directory and discovers two new user accounts in the accounting department. Neither of the users has elevated permissions, but accounts in the group are given access to the company’s sensitive financial management application by default .

Which of the following is the BEST course of action?
A . Follow the incident response plan for the introduction of new accounts
B . Disable the user accounts
C . Remove the accounts’ access privileges to the sensitive application
D . Monitor the outbound traffic from the application for signs of data exfiltration
E . Confirm the accounts are valid and ensure role-based permissions are appropriate

Answer: E

Latest CS0-001 Dumps Valid Version with 455 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments