PdfPrep.com

Which of the following is the BEST account management practice?

An organization prefers to apply account permissions to groups and not individual users, but allows for exceptions that are justified. Some systems require a machine-to-machine data exchange and an associated account to perform this data exchange. One particular system has data in a folder that must be modified by another system. No user requires access to this folder; only the other system needs access to this folder.

Which of the following is the BEST account management practice?
A . Create a service account and apply the necessary permissions directly to the service account itself
B . Create a service account group, place the service account in the group, and apply the permissions on the group
C . Create a guest account and restrict the permissions to only the folder with the data
D . Create a generic account that will only be used for accessing the folder, but disable the account until it is needed for the data exchange
E . Create a shared account that administrators can use to exchange the data, but audit the shared
account activity

Answer: A

Exit mobile version