Exam SY0-601 topic 1 question 286 discussion

A. Account audits would have prevented this compliance violation by periodically reviewing the access permissions of users and removing those who are no longer with the company. An annual account audit would have identified the users who left the company six months ago and their access could have been revoked to ensure compliance with the recertification requirement. The account audit would have verified the accuracy of the access control lists and ensured that all access privileges are in line with current business requirements.

Account audits involve periodically reviewing user accounts and their associated access rights to ensure they are still valid and necessary. By conducting regular account audits, the organization can identify and remove accounts of users who have left the company or no longer require access, thus preventing situations where users with revoked privileges still have access. In this case, if the organization had performed regular account audits, the access of users who left the company six months ago would have been identified and revoked during the audit process, ensuring compliance with the recertification requirement.

Account audits after eliminating other answers

A. Account audits would have prevented this compliance violation. Account audits are periodic reviews of user accounts to ensure that they are being used appropriately and that access is being granted and revoked in accordance with the organization's policies and procedures. If the compliance team had been conducting regular account audits, they would have identified the users who left the company six months ago and ensured that their access was revoked in a timely manner. This would have prevented the compliance violation caused by these users still having access to the company's systems.

To prevent this compliance violation, the company should implement account audits. An account audit is a regular review of all user accounts to ensure that they are being used properly and that they are in compliance with the company's security policies. By conducting regular account audits, the company can identify inactive or unused accounts and remove access for those users. This will help to prevent compliance violations and ensure that only authorized users have access to the company's systems and data.

agree with A, if accounts were audited, they will know that there are some accounts that had to be deleted