Which guideline is primarily concerned with deactivating identities and ensuring they can no longer access systems?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Prepare for the Certified Identity and Access Manager Exam using flashcards and multiple-choice questions. Gain insights into the exam format, practice with real-world scenarios, and ensure your success in becoming a certified professional.

Multiple Choice

Which guideline is primarily concerned with deactivating identities and ensuring they can no longer access systems?

Explanation:
This item tests how offboarding and access revocation are handled to prevent continued access. Deactivation policies lay out the exact steps and timing to disable user accounts, revoke credentials, and remove privileges across systems whenever someone leaves, is terminated, or changes roles. The goal is to ensure there are no active sessions, tokens, or permissions that could be exploited after the person should no longer have access, and to keep entitlement records accurate and auditable. Background checks and verification of a new employee’s history pertain to screening before hiring, not turning off access after someone leaves. Access standards describe who should have access and under what rules, but they don’t specify the process for turning off access once it’s no longer needed. Deactivation policies directly address the need to deactivate identities and prevent lingering access.

This item tests how offboarding and access revocation are handled to prevent continued access. Deactivation policies lay out the exact steps and timing to disable user accounts, revoke credentials, and remove privileges across systems whenever someone leaves, is terminated, or changes roles. The goal is to ensure there are no active sessions, tokens, or permissions that could be exploited after the person should no longer have access, and to keep entitlement records accurate and auditable.

Background checks and verification of a new employee’s history pertain to screening before hiring, not turning off access after someone leaves. Access standards describe who should have access and under what rules, but they don’t specify the process for turning off access once it’s no longer needed. Deactivation policies directly address the need to deactivate identities and prevent lingering access.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy