🔥 3-day streak
ISC2 CISSP — Certified Information Systems Security Professional74 / 129
Question 74 of 129
A financial services company discovers that several administrators retain permanent membership in the Domain Admins group, though most perform elevated tasks only a few times per month. An audit flags this standing privilege as a major attack-surface risk. The security architect wants to redesign privileged access so that administrators hold no persistent elevated rights but can obtain them, time-bound and with approval, only when a task requires them. Which approach best satisfies this requirement?
Reviewed for accuracy · Report an issueNext question