Account recertification

Account recertification is a process where an auditor will review all of the user accounts. The auditor will have a matrix showing all of the active accounts and what privileges and access that they should have. If the auditor finds anything wrong then he will report it to the management, who will then either write a new account policy or make changes to the management of accounts using change management. For the purpose of the exam the auditor should be looked at as a snitch—he will never take any action but he will report his findings to the management.

Get CompTIA Security+ Certification Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.