Which practice safeguards accounts that contain special access or capabilities beyond a regular user?

• A. Credential Management
• B. Hardware Key Manager
• C. Password Policies
• D. Privileged Access Management

Answer: (D)

Controlling and monitoring accounts with elevated rights is essential to protect critical systems. Privileged Access Management focuses on these privileged accounts—admin, service, and other credentials that have access beyond a regular user. It centralizes and governs how such access is requested, granted, and revoked, often using a secure vault for privileged credentials, strict access controls, multi-factor authentication, and just-in-time access. It also enforces least-privilege principles, records sessions for audit, and provides ongoing monitoring and regular reviews to prevent misuse or over-privilege.

Credential Management is broader, dealing with storing and handling credentials but not specifically governing when or how privileged accounts are used or auditing those privileged actions. Password Policies set rules for password creation and rotation but don’t address the governance, monitoring, and control of accounts with elevated capabilities. Hardware Key Manager secures hardware-based keys, which is important but narrower and focused on key management rather than the full lifecycle and oversight of privileged accounts.