Certified Information Systems Security Professional (CISSP) — Question 405

An internal audit for an organization recently identified malicious actions by a user account. Upon further investigation, it was determined the offending user account was used by multiple people at multiple locations simultaneously for various services and applications. What is the BEST method to prevent this problem in the future?

Answer options

• A. Ensure each user has their own unique account.
• B. Allow several users to share a generic account.
• C. Ensure the security information and event management (SIEM) is set to alert.
• D. Inform users only one user should be using the account at a time.

Correct answer: A

Explanation

The correct answer is A because having unique accounts for each user enhances accountability and security, making it easier to track actions and prevent unauthorized access. Options B and D allow for shared access, which can lead to confusion and security risks, while option C, although useful for monitoring, does not directly prevent the misuse of accounts.