When selecting a sample of users terminated in the past six months, what should you verify?

Multiple Choice

When selecting a sample of users terminated in the past six months, what should you verify?

Explanation:

The essential idea here is to confirm proper deprovisioning: when someone leaves, their ability to access systems must be removed. By checking that the IDs of users terminated in the past six months have been deactivated or removed from access lists, you verify that authentication rights were actually revoked across the environment. This is how you enforce the principle that former employees or contractors should no longer be able to sign in or access data, reducing the risk of unauthorized use.

Keeping passwords that never expire would leave active credentials even after termination, which is unsafe and contradicts lifecycle management. Re-adding terminated users to the access list after changes would regrant access, defeating the purpose of termination. Renaming accounts for clarity doesn’t stop access or revoke permissions, so it doesn’t fulfill the deprovisioning requirement.

In short, the best check is to ensure each terminated user’s account is disabled or removed from all access paths, confirming that access rights were properly revoked as part of the offboarding process.