CompTIA Security Plus Mock Test Q972

A supervisor in the human resources department has been given additional job duties in the accounting department. Part of their new duties will be to check the daily balance sheet calculations on spreadsheets that are restricted to the accounting group. In which of the following ways should the account be handled?

A. The supervisor should be allowed to have access to the spreadsheet files, and their membership in the human resources group should be terminated.
B. The supervisor should be removed from the human resources group and added to the accounting group.
C. The supervisor should be added to the accounting group while maintaining their membership in the human resources group.
D. The supervisor should only maintain membership in the human resources group.

Correct Answer: C
Section: Access Control and Identity Management

Explanation:
You can assign permissions to access resources either to a user or a group. The most efficient way is to assign permissions to a group (group based privileges). By assigning the
human resources supervisor’s user account to the group means the supervisor will inherit the permissions of that group, and allow him to carry out the new duties. Because the new
duties are being added to his normal duties, maintaining membership in the human resources group will allow the supervisor to continue performing his normal duties.

Incorrect Answers:
A: Because the new duties are being added to his normal duties, terminating the supervisor’s membership in the human resources group will prevent the supervisor from carrying out
his normal duties as he will no longer have the required permissions.
B: Because the new duties are being added to his normal duties, removing the supervisor from the human resources group will prevent the supervisor from carrying out his normal
duties as he will no longer have the required permissions.
D: Maintaining the supervisor’s membership in the human resources group only, will prevent the supervisor from carrying out his additional duties in the accounting department as the
supervisor will not have the required permissions.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 294