During a routine risk evaluation, an analyst believes new remote resources have been created outside the official tracking system. Which action is the BEST for uncovering these resources and strengthening oversight?
Restrict new resource creation in specific accounts to manage further unknown expansions
Examine department requests and review transactions placed through partners while ensuring internal data integrity.
Retrieve official purchase orders and request teams to provide any necessary missing documentation.
Analyze billing data and usage reports from multiple providers to detect unfamiliar services and platforms
Reviewing billing statements and usage dashboards from a variety of providers is effective for pinpointing services that are not currently registered. Other approaches rely too heavily on internal documentation or restrict creation capability, which may not reveal all hidden services.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does 'usage reports' mean in the context of uncovering resources?
Open an interactive chat with Bash
Why are billing statements effective for detecting unregistered resources?
Open an interactive chat with Bash
What is meant by 'shadow IT' and why is it a risk?