What is the best control to limit risk when using privileged accounts for configuration changes?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Study for the CISA Domain 4 Exam. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

What is the best control to limit risk when using privileged accounts for configuration changes?

Explanation:
Limiting risk associated with privileged accounts, especially during configuration changes, is critical for maintaining system integrity and security. Ensuring supervisory approval and review for critical changes acts as a strong control because it introduces a layer of oversight. This means that any changes made with privileged accounts must be validated and authorized by a supervisor, helping to prevent unauthorized or potentially harmful changes. This control not only serves as a deterrent against misuse of privileged accounts but also facilitates accountability. When supervisory approval is required, it encourages adherence to policies and procedures and promotes a culture of scrutiny and responsibility regarding significant system modifications. Such a process helps catch errors or malicious actions before they can take effect, thereby enhancing the overall security posture. Other options might contribute to security in various ways but do not directly address the immediate risks tied to privileged account actions in the context of configuration changes as effectively as requiring supervisory approval and review.

Limiting risk associated with privileged accounts, especially during configuration changes, is critical for maintaining system integrity and security. Ensuring supervisory approval and review for critical changes acts as a strong control because it introduces a layer of oversight. This means that any changes made with privileged accounts must be validated and authorized by a supervisor, helping to prevent unauthorized or potentially harmful changes.

This control not only serves as a deterrent against misuse of privileged accounts but also facilitates accountability. When supervisory approval is required, it encourages adherence to policies and procedures and promotes a culture of scrutiny and responsibility regarding significant system modifications. Such a process helps catch errors or malicious actions before they can take effect, thereby enhancing the overall security posture.

Other options might contribute to security in various ways but do not directly address the immediate risks tied to privileged account actions in the context of configuration changes as effectively as requiring supervisory approval and review.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy