Let's test what you learned!
1. Why is managing insider threat and following the principle of least privilege particularly important for IT teams? (Select all that apply)
a. IT admins often have access to business critical infrastructure
b. IT teams are more likely to intentionally misuse business tools
c. IT access controls are a key part of many compliance frameworks
d. IT admins are more likely to get targeted by cyber criminals
2. Which of the following is not a benefit of strong access controls
a. Avoiding regulatory fines and penalties
b. Empowering IT teams to do more
c. Improving Incident Response in the event of a data breach
d. Getting better insurance coverage
e. Preventing or mitigating data breaches
3. True or false: Rescue allows for up to five different permission groups.
4. True or false: Adding automation into business processes like offboarding can mitigate insider threat by reducing the opportunities for honest mistakes, like forgetting to revoke access to Rescue after an employee leaves an organization.
5. Which of the following are ways you can add automation into on and offboarding with Rescue
a. Connecting with Microsoft Entra ID to automatically sync Admin groups
b. Integrating with SSO to automatically revoke Rescue access once a tech has been offboarded from your Identity provider
c. Integrating with an SSO to automatically store user identities
6. True or false: Auditing controls can help you piece together the story of who did what when, in the event of a breach.
7. Which of the following are ways you can implement auditing and accountability in Rescue? (Select all that apply)
a. Enabling forced screen recording to keep a record of all agent activity
b. Automatically populating ad hoc sessions into service now to create one source of truth to keep track of
c. Running regular audit reports for top permissioned admins to keep an eye out for suspicious activity
d. Running an access log report after a breach to help identify who accessed the system
Click next to see the answers