CompTIA Security Plus Mock Test Q219

Two members of the finance department have access to sensitive information. The company is concerned they may work together to steal information. Which of the following controls could be implemented to discover if they are working together?

A. Least privilege access
B. Separation of duties
C. Mandatory access control
D. Mandatory vacations

Correct Answer: D
Section: Compliance and Operational Security

A mandatory vacation policy requires all users to take time away from work to refresh. Mandatory vacation give the employee a chance to refresh, but it also gives the company a chance to make sure that others can fill in any gaps in skills and satisfies the need to have replication or duplication at all levels. Mandatory vacations also provide an opportunity to discover fraud. In this case mandatory vacations can prevent the two members from colluding to steal the information that they have access to.

Incorrect Answers:
A: A least privilege policy should be used when assigning permissions. Give users only the permissions that they need to do their work and no more. This is not preventing employees
with legitimate access to information from colluding to steal the information.
B: A separation of duties policy is designed to reduce the risk of fraud and to prevent other losses in an organization. Much like job rotation and it will not prevent two employees with
legitimate access to information from working together to steal information.
C: Mandatory access control means all access is pre-defined by methods for how information access is permitted. In a MAC environment, all access capabilities are pre-defi ned.
Users can’t share information unless their rights to share it are established by administrators. Consequently, administrators must make any changes that need to be made to such
rights. But in this case the users both have legitimate access to the information.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 25