Certified Information Security Manager (CISM) — Question 311
Which of the following is the PRIMARY reason that an information security manager should restrict the use of generic administrator accounts in a multi-user environment?
Answer options
- A. To prevent accountability issues
- B. To ensure segregation of duties is maintained
- C. To ensure system audit trails are not bypassed
- D. To prevent unauthorized user access
Correct answer: A
Explanation
A is correct: generic administrator accounts lead to accountability issues because actions taken under them are difficult to trace back to a specific individual. Options B and C are important considerations, but they are not the primary reason for restricting these accounts. Option D, while relevant to security, does not directly address the accountability problem that generic accounts create.