CompTIA Security+ Question J-20

A security administrator is responsible for performing periodic reviews of user permission settings due to high turnover and internal transfers at a corporation. Which of the following BEST describes the procedure and security rationale for performing such reviews?

A. Review all user permissions and group memberships to ensure only the minimum set of permissions required to perform a job is assigned.
B. Review the permissions of all transferred users to ensure new permissions are granted so the employee can work effectively.
C. Ensure all users have adequate permissions and appropriate group memberships, so the volume of help desk calls is reduced.
D. Ensure former employee accounts have no permissions so that they cannot access any network file stores and resources.

Answer: A

Explanation:
Reviewing user permissions and group memberships forms part of a privilege audit, which is used to determine that all groups, users, and other accounts have the appropriate privileges assigned according to the policies of the corporation.

CompTIA Security+ Question G-32

Which of the following is the BEST approach to perform risk mitigation of user access control rights?

A. Conduct surveys and rank the results.
B. Perform routine user permission reviews.
C. Implement periodic vulnerability scanning.
D. Disable user accounts that have not been used within the last two weeks.

Answer: B

Explanation:
Risk mitigation is accomplished any time you take steps to reduce risk. This category includes installing antivirus software, educating users about possible threats, monitoring network traffic, adding a firewall, and so on. User permissions may be the most basic aspect of security and are best coupled with the principle of least privilege. Related to permissions is the concept of the access control list (ACL). An ACL is literally a list of who can access what resource and at what level. Thus the best risk mitigation step, insofar as access control rights are concerned, is the regular/routine review of user permissions.

CompTIA Security+ Question D-75

The system administrator has deployed updated security controls for the network to limit risk of attack. The security manager is concerned that controls continue to function as intended to maintain appropriate security posture.
Which of the following risk mitigation strategies is MOST important to the security manager?

A. User permissions
B. Policy enforcement
C. Routine audits
D. Change management

Answer: C

Explanation:
After you have implemented security controls based on risk, you must perform routine audits. These audits should include reviews of user rights and permissions as well as specific events. You should pay particular attention to false positives and negatives.

CompTIA Security+ Question A-55

The security administrator is currently unaware of an incident that occurred a week ago. Which of the following will ensure the administrator is notified in a timely manner in the future?

A. User permissions reviews
B. Incident response team
C. Change management
D. Routine auditing

Answer: D

Explanation:
Routine audits are carried out after you have implemented security controls based on risk. These audits include aspects such as user rights and permissions and specific events.

CompTIA A+ Core 2 Question D-23

Which of the following security best practices would prevent a program on a CD from immediately launching when inserted into a computer?

A. MSCONFIG > Startup Tab
B. Disable the Guest account
C. Rename the Administrator account
D. Disable autorun
E. Restrict user permissions

CompTIA A+ Core 2 Question D-2

When issuing user permissions for job functions, an administrator should assign:

A. Permissions based on employee's role.
B. Them to the Power User role on the machine.
C. Permissions based on employee's seniority.
D. Them to the Administrator role on the machine.

Correct Answer: A

CompTIA A+ Core 2 Question B-24

Which of the following will help to protect an organization from further data exposure AFTER a list of user passwords has already been leaked due to a policy breach? (Select TWO).

A. Use multi-factor authentication
B. Require strong passwords
C. Enable file encryption
D. Educate end users
E. Restrict user permissions

Correct Answer: AD