PrepAway - Latest Free Exam Questions & Answers

Which of the following is needed for System Accountability?

Which of the following is needed for System Accountability?

PrepAway - Latest Free Exam Questions & Answers

A.
Audit mechanisms.

B.
Documented design as laid out in the Common Criteria.

C.
Authorization.

D.
Formal verification of system design.

Explanation:
Accountability is the ability to identify users and to be able to track user actions. Through the use of audit logs
and other tools the user actions are recorded and can be used at a later date to verify what actions were
performed.
Incorrect Answers:
B: Common Criteria is an international standard to evaluate trust and would not be a factor in System
Accountability.
C: Authorization is granting access to subjects, just because you have authorization does not hold the subject
accountable for their actions.D: Formal verification involves Validating and testing highly trusted systems. It does not, however, involve
System Accountability.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 203, 248-250, 402.

One Comment on “Which of the following is needed for System Accountability?

  1. ABD says:

    What kind of question is this? What is needed for System Accountability? Unique ID is needed. The question should ask (depending on answers given) what mechanism can DETECT the system accountability?




    0



    0

Leave a Reply