shieldCISSP Practice Domain 5 — Identity and Access Management (IAM) Q86 of 120

What is privilege creep?

A CISSP practice question covering Domain 5: Identity and Access Management (IAM). Try answering before reading the explanation below.

▶ Show options & answer

Slow performance from too many users

Accumulation of unneeded privileges as users change roles without revocation

✓ Correct answer

Brute-force escalation attempts

Granting temporary admin via JIT

Why "Accumulation of unneeded privileges as users change roles without revocation" is the right answer

Privilege creep happens when users keep old access after role changes. Periodic recertification, JIT (just-in-time) elevation, and de-provisioning workflows mitigate it. The other answers describe different concepts.

Study videos for this topic

Want to go deeper on Domain 5? Watch the full breakdown — every video is free, no account, no upsell.

CISSP Domain 5: Authentication, MFA & Passkeys

Domain 5 — Identity and Access Management (IAM)

CISSP Domain 5: SSO, SAML, OAuth, OIDC & Kerberos

Domain 5 — Identity and Access Management (IAM)

CISSP Domain 5: DAC, MAC, RBAC, ABAC Explained

Domain 5 — Identity and Access Management (IAM)

CISSP Domain 5: Identity Lifecycle & PAM Explained

Domain 5 — Identity and Access Management (IAM)

Take the full CISSP practice test

120 questions, instant explanations, study-video links on every miss. No account.

Start full test →

What is privilege creep?

Study videos for this topic

Other practice tests