CompTIA Security Plus Mock Test Q225

The Chief Security Officer (CSO) is concerned about misuse of company assets and wishes to determine who may be responsible. Which of the following would be the BEST course of action?

A. Create a single, shared user account for every system that is audited and logged based upon time of use.
B. Implement a single sign-on application on equipment with sensitive data and high-profile shares.
C. Enact a policy that employees must use their vacation time in a staggered schedule.
D. Separate employees into teams led by a person who acts as a single point of contact for observation purposes.

Correct Answer: C
Section: Compliance and Operational Security

A policy that states employees should use their vacation time in a staggered schedule is a way of employing mandatory vacations. A mandatory vacation policy requires all users to take time away from work while others step in and do the work of that employee on vacation. This will afford the CSO the opportunity to see who is using the company assets responsibly and who is abusing it.

Incorrect Answers:
A: A single shared user account for every system will not single out any one who might be the guilty party. You need to see and audit individual accounts to single out the guilty party.
B: Single sign is about having a single / one only password for all resources on a given network which will make singling out a guilty party problematic.
D: Separating and organizing employees into teams makes singling out a single guilty party problematic.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 25