A network administrator has noticed unusual activity with a user’s login credentials on the network. The user is attempting multiple simultaneous login across the network, some of which are attempting to access workstations and servers to which the user does not have access.
Which of the following should the network administrator do NEXT?
- Delete the user’s AD account.
- Decrease the user’s AD privileges.
- Disable the user’s AD account.
- Reset the password on the user’s AD account.