Which practice involves monitoring user account activity to prevent unauthorized access and manipulation?

Monitoring user account activity to prevent unauthorized access and manipulation is fundamentally tied to auditing requirements. This practice involves systematically reviewing and tracking user activities within a system, which can help identify any unusual or suspicious behavior indicative of unauthorized access or potential security breaches. By keeping detailed logs of user actions and access patterns, organizations can establish a baseline for normal behavior and detect deviations that may indicate malicious intent.

Incorporating auditing requirements ensures that there is a framework in place for regularly analyzing user activity, making it easier to identify problems proactively. This practice is essential in maintaining the integrity of systems and protecting sensitive data from unauthorized manipulation.

While other choices touch on different aspects of cybersecurity—like controlling access through least privilege, safeguarding communications via email protection, and addressing potential insider threats through mandatory vacation—the core of the question is focused on active monitoring and analysis of user behavior, which is precisely what auditing requirements provide.