Option A: Deleting accounts without assessing their purpose could lead to operational disruptions,
especially if service accounts or critical roles are affected. CIEM focuses on remediation, not immediate
deletion.
Option B: Revoking all permissions is overly disruptive and impractical. Instead, permissions should be
adjusted based on the principle of least privilege to allow users to perform their roles securely.
Option C: CIEM emphasizes the principle of least privilege and the enforcement of MFA as core
security practices. Adjusting permissions to align with job roles and enabling MFA significantly reduces
the attack surface and prevents unauthorized access.
Option D: Transferring ownership does not address the underlying issue of excessive permissions or
missing MFA. It is a superficial action that leaves the security risks unresolved.
