medium
Single Answer
0Myrsini was recently hired as the first chief information security officer (CISO) for a local government agency. The agency recently suffered a security breach and is attempting to build a new information security program. Myrsini would like to apply some best practices for security operations as he is designing this program. Myrsini is preparing to create an account for a new user and assign privileges to the HR database. What two elements of information must Myrsini verify before granting this access?
Answer Options
A
Credentials and need to know
B
Clearance and need to know
C
Password and clearance
D
Password and biometric scan
Correct Answer: B
Explanation
Before granting access, Myrsini should verify that the user has a valid security clearance and a business need to know the information. She is performing an authorization task, so she does not need to verify the user's credentials, such as a password or biometric scan.