Certified Information Systems Auditor (CISA) — Question 1440

A manager identifies active privileged accounts belonging to staff who have left the organization. Which of the following is the threat actor in this scenario?

Answer options

• A. Hacktivists
• B. Deleted log data
• C. Terminated staff
• D. Unauthorized access

Correct answer: C

Explanation

The correct answer is C, as the terminated staff members pose a threat by retaining access to privileged accounts after leaving the organization. Options A and D focus on external threats and unauthorized access, which do not directly relate to the accounts of former employees. Option B, deleted log data, does not represent a threat actor but rather a potential issue in tracking activity.