CompTIA Security+ (SY0-601) — Question 164

The compliance team requires an annual recertification of privileged and non-privileged user access. However, multiple users who left the company six months ago still have access. Which of the following would have prevented this compliance violation?

Answer options

• A. Account audits
• B. AUP
• C. Password reuse
• D. SSO

Correct answer: A

Explanation

Account audits would have identified and removed access for users who no longer work at the company, thus preventing the compliance violation. The AUP (Acceptable Use Policy) outlines user responsibilities but does not directly manage access controls. Password reuse does not relate to the retention of access for former employees, and SSO (Single Sign-On) simplifies access but does not address the need for regular access reviews.