After a security audit for an organization, multiple accounts were found to have privileged access to systems and devices. Which three best practices for securing privileged accounts should be included in the audit report? (Choose three.)
- Secure password storage.
- Enforce the principle of least privilege.
- Only the CIO should have privileged access.
- No one should have privileged access.
- Only managers should have privileged access.
- Reduce the number of privileged accounts.
Explanation: Best practices entail giving the user only what is needed to do the job. Any additional privileges should be tracked and audited.
Exam with this question: Cybersecurity Essentials Chapter 7 Quiz Answers
Exam with this question: Network Defense – 3.5.2 Module 3: Access Control Quiz