A corporation employs external auditors who require access to the company's server infrastructure for a limited duration. The security policy enforces minimum necessary privileges and mandates that access credentials should expire immediately after the auditing task is completed. Which of the following practices should be implemented to comply with the security policy?
Creating permanent accounts with privileged access for each auditor
Issuing a set of shared credentials that the audit team can use
Allocating time-restricted access tokens for server access
Generating non-expiring API keys for auditors to use during their review
Allocating time-restricted access tokens gives the auditors temporary access to the necessary resources, and the tokens expire automatically after the designated period, which matches the security policy's requirements of minimum necessary privileges and immediate expiration once the audit is complete. API keys or permanent account credentials do not provide the same time-limited access and can potentially remain active after they are no longer required, posing a security risk. Shared credentials are inherently insecure because they do not provide individual accountability and can be easily misused.