A security administrator is responsible for performing periodic reviews of user permission settings
due to high turnover and internal transfers at a corporation. Which of the following BEST describes
the procedure and security rationale for performing such reviews?
A.
Review all user permissions and group memberships to ensure only the minimum set of
permissions required to perform a job is assigned.
B.
Review the permissions of all transferred users to ensure new permissions are granted so the
employee can work effectively.
C.
Ensure all users have adequate permissions and appropriate group memberships, so the
volume of help desk calls is reduced.
D.
Ensure former employee accounts have no permissions so that they cannot access any
network file stores and resources.