CompTIA DataX (CNX-001) — Question 55
After a company migrated all services to the cloud, the security auditor discovers many users have administrator roles on different services. The company needs a solution that:
Protects the services on the cloud.
Limits access to administrative roles.
Creates a policy to approve requests for administrative roles on critical services within a limited time.
Forces password rotation for administrative roles.
Audits usage of administrative roles.
Which of the following is the best way to meet the company's requirements?
Answer options
- A. Privileged access management
- B. Session-based token
- C. Conditional access
- D. Access control list
Correct answer: A
Explanation
Privileged access management (PAM) is designed specifically to manage and restrict access to administrative roles, ensuring security and compliance by enforcing policies like password rotation and auditing usage. The other options do not provide a comprehensive solution for managing administrative access and enforcing the necessary security protocols required by the company.