Mandatory vacations are a security control which can be used to uncover which of the following?
A.
Fraud committed by a system administrator
B.
Poor password security among users
C.
The need for additional security staff
D.
Software vulnerabilities in vendor code
Explanation:
Mandatory vacations also provide an opportunity to discover fraud apart from the obvious benefits of giving employees a chance to refresh and making sure that
others in the company can fill those positions and make the company less dependent on those persons; a sort pf replication and duplication at all levels.
Incorrect Answers:
B: Poor password security is not the purpose of implementing mandatory vacations.
C: Mandatory vacations will have the opposite effect to needing additional security staff.
D: Software vulnerability can only be uncovered by looking at the software installed and its version and not by means by mandatory vacations.Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 25