CISSP Practice Question (Domain 5: Identity & Access Management / Privileged Access Controls)
During a quarterly access review, an organization discovers that several DevOps engineers have accumulated multiple privileged roles across different cloud environments due to automated provisioning workflows that never revoked old permissions.
No misuse has been detected, but the roles collectively exceed least-privilege requirements and present a potential lateral-movement risk.
What should the security manager do FIRST?
A. Immediately disable all excessive roles and force users to request access again
B. Conduct a risk analysis to understand business impact before removing permissions
C. Implement just-in-time privileged access to eliminate standing permissions
D. Escalate the issue to HR for potential policy violations
Vincent Primiani
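As an added example, not part of the original post or the study group's material: a small Python reconciliation script of the kind a quarterly access review might run over a provisioning audit log to surface exactly the pattern the question describes, standing privileged roles accumulated across several cloud environments, plus grants that no workflow ever revoked. The log format, the user, role, environment and workflow names, the privileged-role list and the thresholds are all constructed for illustration; a real review would pull the events from the IdP or each cloud's IAM audit log.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class Event:
    """One provisioning audit-log entry (constructed format, not a vendor's)."""
    day: date
    user: str
    env: str       # cloud environment the role lives in
    role: str
    action: str    # "grant" or "revoke"
    workflow: str  # provisioning run that produced the event


# Assumed privileged-role list for this example; a real review uses the org's own.
PRIVILEGED = {"AdministratorAccess", "roles/owner", "Owner"}

# Date the review is run (constructed).
REVIEW_DATE = date(2024, 6, 30)

# Constructed log: alice's workflows only ever grant; bob's workflow swaps roles.
EVENTS = [
    Event(date(2024, 1, 10), "alice", "aws-prod",   "AdministratorAccess", "grant",  "WF-101"),
    Event(date(2024, 3, 2),  "alice", "gcp-prod",   "roles/owner",         "grant",  "WF-155"),
    Event(date(2024, 6, 15), "alice", "azure-prod", "Owner",               "grant",  "WF-210"),
    Event(date(2024, 2, 20), "bob",   "aws-prod",   "ReadOnlyAccess",      "grant",  "WF-120"),
    Event(date(2024, 4, 1),  "bob",   "aws-prod",   "AdministratorAccess", "grant",  "WF-170"),
    Event(date(2024, 4, 1),  "bob",   "aws-prod",   "ReadOnlyAccess",      "revoke", "WF-170"),
]


def standing_roles(events):
    """Replay grants and revokes in date order.
    Returns {user: {(env, role): grant_date}} for roles still held."""
    held = defaultdict(dict)
    for e in sorted(events, key=lambda e: e.day):
        key = (e.env, e.role)
        if e.action == "grant":
            held[e.user].setdefault(key, e.day)  # keep the original grant date
        elif e.action == "revoke":
            held[e.user].pop(key, None)
    return dict(held)


def accumulation_findings(events, review_date, privileged=PRIVILEGED,
                          max_envs=1, max_age_days=90):
    """Flag each user whose standing privileged roles span more than max_envs
    environments, and list privileged grants older than max_age_days that no
    workflow revoked. Thresholds are assumed, not from the original post."""
    findings = {}
    for user, roles in standing_roles(events).items():
        priv = {k: d for k, d in roles.items() if k[1] in privileged}
        envs = {env for env, _ in priv}
        stale = sorted(k for k, d in priv.items()
                       if (review_date - d).days > max_age_days)
        if len(envs) > max_envs or stale:
            findings[user] = {"environments": sorted(envs), "stale_grants": stale}
    return findings


if __name__ == "__main__":
    for user, finding in accumulation_findings(EVENTS, REVIEW_DATE).items():
        print(user, finding)
```

The output is review input, not an automatic revocation: it tells the reviewer which standing privileged roles each engineer holds, in which environments, and how long each has been unrevoked, which is the data a decision about those roles has to rest on.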
CISSP Study Group
skool.com/cybersecurity-study-group