A retail executive recently accepted a job with a major competitor.
The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts.
Which of the following security practices would have addressed the issue?
A.
A non-disclosure agreement B.
Least privilege C.
An acceptable use policy D.
Offboarding.
D.
A retail executive recently accepted a job with a major competitor.
The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts.
Which of the following security practices would have addressed the issue?
A.
A non-disclosure agreement
B.
Least privilege
C.
An acceptable use policy
D.
Offboarding.
D.
Option D, offboarding, is the security practice that could have addressed the issue of successful logon attempts to access the departed executive's accounts. Offboarding refers to the process of revoking system access rights and privileges of an employee who is leaving the organization. It is a critical step to ensure that former employees do not retain access to organizational resources, including information systems and data.
In this scenario, the retail executive who accepted a job with a major competitor should have undergone the offboarding process, which would have involved revoking their system access privileges. By doing so, the security analyst would have identified any failed attempts to log in to the departed executive's accounts, which would have alerted the organization to a potential security breach. Additionally, if the organization had implemented proper procedures for monitoring access logs and conducting regular security audits, they would have been able to detect any successful logon attempts and take appropriate actions to mitigate the risk.
Option A, a non-disclosure agreement, is a legal document that prohibits employees from sharing confidential information about the organization. While it is an important security practice, it would not have addressed the issue of successful logon attempts by the departed executive.
Option B, least privilege, is a security principle that requires users to have the minimum level of access necessary to perform their job functions. While it is an important practice, it would not have prevented successful logon attempts by a departing executive who already had access privileges.
Option C, an acceptable use policy, is a set of guidelines that specify how employees are expected to use organizational resources. While it is an important practice, it would not have addressed the issue of successful logon attempts by a departing executive who already had access privileges.