CompTIA Security+ (SY0-501) — Question 924

After a merger between two companies a security analyst has been asked to ensure that the organization's systems are secured against infiltration by any former employees that were terminated during the transition.
Which of the following actions are MOST appropriate to harden applications against infiltration by former employees? (Choose two.)

Answer options

• A. Monitor VPN client access
• B. Reduce failed login out settings
• C. Develop and implement updated access control policies
• D. Review and address invalid login attempts
• E. Increase password complexity requirements
• F. Assess and eliminate inactive accounts

Correct answer: C, F

Explanation

The correct answers, C and F, involve developing new access control policies to ensure that only current employees have access, and eliminating inactive accounts to prevent unauthorized access. Options A, B, D, and E, while potentially useful, do not directly address the specific risk of former employees accessing the system.