CompTIA CySA+ (CS0-002) — Question 61

A small marketing firm uses many SaaS applications that hold sensitive information. The firm has discovered terminated employees are retaining access to systems for many weeks after their end date. Which of the following would BEST resolve the issue of lingering access?

Answer options

• A. Perform weekly manual reviews on system access to uncover any issues.
• B. Set up a privileged access management tool that can fully manage privileged account access.
• C. Implement MFA on cloud-based systems.
• D. Configure federated authentication with SSO on cloud provider systems.

Correct answer: D

Explanation

Configuring federated authentication with SSO on cloud provider systems effectively centralizes access management, allowing for immediate revocation of access upon employee termination. This prevents any lingering access issues that might arise from manual audits or privileged access management tools, which may not address the immediate need for timely access removal. Implementing MFA or relying on manual reviews do not directly resolve the issue of access retention after employees exit the company.