Easy · 1 mark · Multiple Choice
CPA · Question 70 · Area II: Security
An auditor is testing the 'Termination' process. They find that a terminated employee's Active Directory account was disabled 5 days after their departure. The policy states 'Immediate' (within 24 hours). What is the risk?
Answer options:
A. Unauthorized access by the former employee or others using their credentials.
B. The employee might not get their final paycheck.
C. The system will run out of licenses.
D. The employee cannot apply for COBRA benefits.
How to approach this question
Identify the security risk of an active account with no owner.
Full Answer
A. Unauthorized access by the former employee or others using their credentials. ✓ Correct
Failure to disable accounts immediately upon termination leaves a window of opportunity for the disgruntled former employee to access the system, steal data, or cause damage. It also allows others to potentially use the orphaned account.
Common mistakes
Focusing on HR/Payroll consequences rather than IT Security.