What activity verifies that vendor remote access accounts are monitored during use?

• A. Interview personnel and observe processes to verify that accounts are monitored while in use.
• B. Rely on automated logs only.
• C. No monitoring is required.
• D. Only require password changes.

Answer: (A)

The key idea is proving that vendor remote access is actually being watched during use, not just that traces exist somewhere. Interviewing the people who manage vendor access and observing the real monitoring processes shows who is responsible for watching sessions, how often they review activity, what events trigger attention, and how actions are escalated. This demonstrates that monitoring is active and part of daily security operations. Relying only on automated logs isn’t sufficient because logs can be misconfigured, not retained, or not reviewed regularly, so they don’t guarantee ongoing oversight. No monitoring would leave potential misuse unchecked, and focusing only on password changes misses the broader need for ongoing, real-time supervision of sessions.