During a recent audit, it was discovered that several user accounts belonging to former employees were still
active and had valid VPN permissions. Which of the following would help reduce the amount of risk the
organization incurs in this situation in the future?
A.
Time-of-day restrictions
B.
User access reviews
C.
Group-based privileges
D.
Change management policies