Question 22
UnclassifiedWhich of the following CSP activities requires a client’s approval?
Correct answer: D
Explanation
Deleting test accounts or destroying test data changes or removes client information, so it requires the client’s approval before action is taken. CSP activities that affect customer-owned data or accounts must be authorized by the client because they involve access and disposition of client assets.
Why each option is right or wrong
A. Delete the guest account or test accounts
B. Delete the master account or subscription owner accounts
C. Delete the guest account or destroy test data
D. Delete the test accounts or destroy test data
Under the standard client-authorization rules for CSP operations, any action that alters, removes, or disposes of client-owned information must be expressly approved by the client before it is performed. Deleting test accounts or destroying test data is a disposition action, not routine maintenance, because it permanently removes data and can affect auditability and recovery; absent prior authorization, the CSP would be acting outside the client’s control over its records and assets.