How must user accounts for exiting employees be handled?
A.
Disabled, regardless of the circumstances
B.
Disabled if the employee has been terminated
C.
Deleted, regardless of the circumstances
D.
Deleted if the employee has been terminated
Explanation:
You should always disable an employee’s account as soon as they leave. The employee knows the username and password of the account and could continue to
log in for potentially malicious purposes. Disabling the account will ensure that no one can log in using that account.Incorrect Answers:
B: You should always disable an employee’s account as soon as they leave regardless of why they are leaving. A terminated employee might be more likely to log
in for malicious purposes but should you also disable the accounts of employees leaving through their own choice. Disabling any unused account is always best
practice. Therefore, this answer is incorrect.
C: There is no need to delete the account. The employee may come back to the company or a new employee may join the company to replace the leaving
employee. In this case, you could just rename the disabled account, change the password and re-enable the account. The new employee would then have the
same access to resources as the ex-employee. Therefore, this answer is incorrect.
D: There is no need to delete the account. A new employee may join the company to replace the leaving employee. In this case, you could just rename the disabled
account, change the password and re-enable the account. The new employee would then have the same access to resources as the ex-employee. Therefore, this
answer is incorrect.