Skip to Content
Home Access Control & Privileged Access Management (PAM) Access Control & Privileged Access Management (PAM)

Access Control & Privileged Access Management (PAM)

0 %

Completed

Course content

Access Control & Privileged Access Management (PAM)

10 XP
Prev Next
Fullscreen Share
Rating
0 0

There are no comments for now.

Join this Course
to be the first to leave a comment.

1. A consultant requests permanent Global Administrator access because temporary elevation “slows delivery”. What is the BEST response?
Grant permanent access to improve operational efficiency Share another administrator account temporarily Use approved JIT or PAM processes with time-bound elevation Disable MFA requirements for privileged tasks
2. Why is least privilege important?
It reduces unnecessary access and limits security exposure It removes the need for MFA It allows shared accounts to operate safely It guarantees insider threats cannot occur
3. Which of the following presents the GREATEST privileged access risk?
Time-bound privileged access with approval workflows Named administrator accounts protected by MFA Shared privileged credentials used across multiple administrators Regular access certification reviews
4. What is the primary objective of Zero Standing Privilege (ZSP)?
Eliminate password rotation requirements Allow unrestricted administrator access during incidents Replace PAM solutions entirely Ensure privileged access is temporary and minimised
5. Which statement about privileged session monitoring is MOST accurate?
Monitoring privileged activity supports accountability and investigations Privileged sessions should never be logged for privacy reasons Monitoring removes the need for access approvals Session recording is only required during incidents
6. A privileged account password is shared within a project team “for emergencies”. Why is this problematic?
Emergency access removes compliance requirements Password sharing improves operational resilience Shared accounts simplify access reviews Shared accounts reduce accountability and audit visibility
7. Which of the following is the BEST example of Just-In-Time (JIT) access?
Permanent administrator rights for technical convenience Shared emergency accounts used by operations teams Temporary elevated access granted only when required Disabling MFA during maintenance windows
8. Why should privileged accounts use MFA wherever possible?
MFA provides additional protection against credential compromise MFA removes the need for password management MFA prevents all phishing attacks completely MFA allows administrator passwords to be shared safely
9. Which action BEST aligns with secure PAM practices?
Reusing administrator passwords across environments Maintaining permanent administrator access “just in case” Storing credentials in unsecured documentation systems Using named privileged accounts and approved PAM workflows
10. Why are service accounts considered high risk?
Service accounts cannot be monitored They often have elevated privileges and may lack proper governance Service accounts automatically bypass MFA Service accounts are only used temporarily
11. What is the primary purpose of access certification reviews?
Increase the number of privileged accounts Validate whether access remains appropriate and necessary Simplify credential sharing across teams Remove audit requirements
12. Which of the following BEST demonstrates poor access governance?
Time-bound privileged elevation with approvals Reviewing dormant privileged accounts regularly Granting administrator access without documented approval Monitoring privileged sessions appropriately
13. What is the purpose of segregation of duties (SoD)?
Reduce operational visibility Prevent excessive control by a single individual Allow unrestricted privileged access during projects Eliminate approval workflows
14. A vendor requires temporary production access for troubleshooting. What is the BEST approach?
Grant unrestricted permanent administrator access Use approved, monitored, least-privilege access with expiration controls Share internal administrator credentials temporarily Disable logging during vendor access sessions
15. Which of the following should ALWAYS be reported?
Credential exposure or suspicious privileged activity Approved administrator access requests Scheduled password rotations Documented maintenance activities
16. Why are dormant privileged accounts dangerous?
They may be overlooked and exploited by attackers Dormant accounts improve operational resilience Dormant accounts cannot be accessed remotely Dormant accounts automatically disable themselves securely
17. What is the BEST response to repeated unexpected MFA prompts on a privileged account?
Approve one request to stop notifications Ignore the prompts completely Disable MFA temporarily Treat the activity as suspicious and report it immediately
18. Which statement about privileged access is MOST accurate?
Senior technical staff do not require approval processes Privileged access should always be controlled, monitored, and justified Persistent administrator access is preferable operationally PAM controls are optional if teams trust each other
19. Which of the following is an example of poor privileged access practice?
Maintaining audit logs of privileged activity Using time-bound elevation workflows Sharing root credentials informally during incidents Applying least privilege principles
20. What is the BEST overall approach to privileged access management?
Prioritise operational convenience over governance controls Minimise, monitor, control, and audit privileged access consistently Allow permanent administrator access wherever technically possible Share privileged credentials within trusted teams to improve efficiency