
ISACA Cybersecurity-Audit-Certificate Exam - Topic 1 Question 32 Discussion

Actual exam question for ISACA's Cybersecurity-Audit-Certificate exam
Question #: 32
Topic #: 1

The administrator for a human resources (HR) system has access to the system as a user as well as support. Which of the following is the BEST control to help prevent intentional or accidental misuse of the privilege?

Suggested Answer: D

The best practice to prevent misuse of administrative privileges is to have administrators use a separate non-privileged account for routine tasks that do not require administrative rights. This reduces the risk of accidental changes or security breaches that could occur if the administrator's highly privileged account were compromised or misused during daily operations.

Reference: This control measure is aligned with the principle of least privilege and is commonly recommended in cybersecurity frameworks. While I cannot cite the Cybersecurity Audit Manual directly, similar guidelines are often included in cybersecurity literature and standards, including those from ISACA. For specific references, please consult the ISACA Cybersecurity Audit resources.


Hermila
3 months ago
MFA is good, but it’s not foolproof.
upvoted 0 times
...
Vashti
3 months ago
Totally agree, separate accounts are a smart move!
upvoted 0 times
...
Stephanie
3 months ago
Wait, can background checks really prevent misuse?
upvoted 0 times
...
Jettie
4 months ago
I think frequent log monitoring is more effective.
upvoted 0 times
...
Leatha
4 months ago
Multi-factor authentication is a must for privileged accounts!
upvoted 0 times
...
Glendora
4 months ago
Background checks seem important, but I don't think they would prevent misuse once access is granted. I lean towards option D for better control.
upvoted 0 times
...
Aliza
4 months ago
I feel like frequent log monitoring could help catch any misuse quickly, but I wonder if it's enough on its own. Option B might be useful.
upvoted 0 times
...
Jerry
4 months ago
I'm not entirely sure, but I think multi-factor authentication is a good security measure too. Maybe option C could work?
upvoted 0 times
...
Sue
5 months ago
I remember we discussed the importance of separating duties in class, so option D seems like a solid choice to prevent misuse.
upvoted 0 times
...
Dalene
5 months ago
This is a classic security question. I'll focus on the principle of least privilege and choose the option that best limits the administrator's ability to misuse their access.
upvoted 0 times
...
Carey
5 months ago
I'm a bit confused by the wording of the question. Let me re-read it and think through the pros and cons of each option before making my choice.
upvoted 0 times
...
Corazon
5 months ago
Okay, I've got this. The key is to implement controls that limit the potential for misuse, like multi-factor authentication or requiring a separate non-privileged account.
upvoted 0 times
...
Curtis
5 months ago
Hmm, I'm a bit unsure about this one. I'll need to review the concepts of privileged access and separation of duties to decide the best approach.
upvoted 0 times
...
Jolene
5 months ago
This seems like a straightforward question about access controls. I'll need to think through the different options carefully.
upvoted 0 times
...
Shaniqua
1 year ago
But wouldn't requiring the administrator to create a separate non-privileged user account also help prevent misuse?
upvoted 0 times
...
Miesha
1 year ago
D sounds good too, but why not just go for the ultimate security with C?
upvoted 0 times
Willow
1 year ago
D) Require the administrator to create a separate non-privileged user account for user tasks.
upvoted 0 times
...
Isadora
1 year ago
C) Set up multi-factor authentication for privileged accounts.
upvoted 0 times
...
Arleen
1 year ago
A) Perform background checks on any users or support with administrator access.
upvoted 0 times
...
...
Lavina
1 year ago
I agree with Nana, it adds an extra layer of security.
upvoted 0 times
...
Darrin
1 year ago
Haha, I bet the administrator's password is 'password123'. C is the way to go for sure.
upvoted 0 times
...
Iesha
1 year ago
I agree with C. MFA is a must-have these days, especially for critical systems like HR.
upvoted 0 times
Anglea
1 year ago
Definitely, MFA is a great way to prevent unauthorized access to HR data.
upvoted 0 times
...
Evangelina
1 year ago
I also believe C is the best choice. It's important to have that extra authentication step.
upvoted 0 times
...
Thaddeus
1 year ago
I agree, MFA is essential for protecting sensitive information.
upvoted 0 times
...
Brynn
1 year ago
I think C is the best option. MFA adds an extra layer of security.
upvoted 0 times
...
...
Paris
1 year ago
C is definitely the best option. Multi-factor authentication is the gold standard for securing privileged accounts.
upvoted 0 times
Chu
1 year ago
Having that extra security measure in place can help prevent misuse of privileges.
upvoted 0 times
...
Crissy
1 year ago
I think setting up multi-factor authentication is a must for administrator access.
upvoted 0 times
...
Erick
1 year ago
It's important to have that extra verification step for privileged accounts.
upvoted 0 times
...
Pearly
1 year ago
I agree, multi-factor authentication adds an extra layer of security.
upvoted 0 times
...
...
Nana
1 year ago
I think setting up multi-factor authentication is the best control.
upvoted 0 times
...
