A supervisor in your organization was demoted on Friday afternoon. The supervisor had the ability to
modify the contents of a confidential database, as well as other managerial permissions. On Monday
morning, the database administrator reported that log files indicated that several records were missing
from the database. Which of the following risk mitigation strategies should have been implemented
when the supervisor was demoted?
A. Incident management
B. Routine auditing
C. IT governance
D. Monthly user rights reviews
A monthly user rights review cannot stop an activity performed in 2 days; it will be reviewed in 30 days, not 2 days.
This should have been incident management.
The incident response should be a mandatory rights review, yes. But it should have been triggered by a predetermined procedure for such things. That means incident management.
The fact that the supervisor got demoted is not an incident. After the missing records, okay. But the question asks about risk mitigation when the supervisor was demoted (Friday). My first option was to choose monthly user rights review but clearly, this may be a month off before being used. The only option is IT governance, which presumes that security activities will be performed with the needs of the company in mind. Since people losing their jobs is part of business, IT governance should have a process in mind to ensure that least privilege is enforced in these instances.
Without a doubt it’s B. Routine audit includes user rights review whenever an employee changes his job or responsibilities.
I believe the right answer is Routine auditing, because routine auditing includes user rights review and/or disabling unused accounts.
https://www.youtube.com/watch?v=HvMJRFYn7Ik – Professor Messer about User Access Reviews and Monitoring.
For me, the answer is B: Routine auditing
The supervisor getting demoted is apparently an incident; he would be demoted for some reason, and incident management should be performed. Record the incident and perform mitigation steps.
B: Routine auditing