CompTIA Security Plus Mock Test Q230

Separation of duties is often implemented between developers and administrators in order to separate which of the following?

A. More experienced employees from less experienced employees
B. Changes to program code and the ability to deploy to production
C. Upper level management users from standard development employees
D. The network access layer from the application access layer

Correct Answer: B
Section: Compliance and Operational Security

Separation of duties means that there is differentiation between users, employees and duties per se which form part of best practices.

Incorrect Answers:
A: It is not an issue regarding experience of employees, but rather the difference in duties of employees.
C: Developers and administrators are not necessarily upper level management and standard development employees.
D: This is a network distinction and not a job description distinction.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 153