CompTIA Security+ (SY0-501) — Question 952

A supervisor in your organization was demoted on Friday afternoon. The supervisor had the ability to modify the contents of a confidential database, as well as other managerial permissions. On Monday morning, the database administrator reported that log files indicated that several records were missing from the database.
Which of the following risk mitigation strategies should have been implemented when the supervisor was demoted?

Answer options

• A. Incident management
• B. Routine auditing
• C. IT governance
• D. Monthly user rights reviews

Correct answer: B

Explanation

The correct answer is B, Routine auditing, as it involves regularly reviewing access and changes to sensitive data, which could have detected unauthorized modifications following the supervisor's demotion. Options A, C, and D do not directly address the immediate need for oversight of the database's integrity after a personnel change, making them less effective in this scenario.