ISC Exam Questions

The two categories of the policy of separation of duty are:

A. Dual control and aggregation control

B. Dual control and functional separation

C. Span of control and functional separation

D. Inference control and functional separation

Explanation:
Dual control requires that two or more subjects act together simultaneously to authorize an
operation. A common example is the requirement that two individuals turn their keys
simultaneously in two physically separated areas to arm a weapon. Functional separation implies a
sequential approval process, such as requiring the approval of a manager to send a check generated
by a subordinate.

* Answer “Span of control and functional separation” is incorrect. Span of control
  refers to the number of subordinates that can be optimally managed by a superior.
* Answer “Inference control and functional separation” is incorrect. Inference control means
  implementing protections that prevent a user from inferring information they are not authorized
  to access from information they are authorized to access.
* Answer “Dual control and aggregation control” is incorrect. Aggregation refers to the
  acquisition of large numbers of data items to obtain information that would not be available
  by analyzing a small number of the data items.