Question 37 of 730 from exam SY0-601: CompTIA Security+

Eliminate shared accounts.Implement usage auditing and review.Copy logs in real time to a secured WORM drive.

Prev Question Next Question

A security administrator is developing controls for creating audit trails and tracking if a PHI data breach is to occur.

The administrator has been given the following requirements: All access must be correlated to a user account.

-> All user accounts must be assigned to a single individual.

-> User access to the PHI data must be recorded.

-> Anomalies in PHI data access must be reported.

-> Logs and records cannot be deleted or modified.

Which of the following should the administrator implement to meet the above requirements? (Choose three.)

A. Eliminate shared accounts.

B. Create a standard naming convention for accounts.

C. Implement usage auditing and review.

D. Enable account lockout thresholds.

E. Copy logs in real time to a secured WORM drive.

F. Implement time-of-day restrictions.

G. Perform regular permission audits and reviews.

Click on the arrows to vote for the correct answer

A. B. C. D. E. F. G.

ACE.

Prev Question Next Question