Everyone in the accounting department has the ability to print and sign checks. Internal audit has asked
that only one group of employees may print checks while only two other employees may sign the checks.
Which of the following concepts would enforce this process?
A.
Separation of Duties
B.
Mandatory Vacations
C.
Discretionary Access Control
D.
Job Rotation
Explanation:
Separation of duties means that users are granted only the permissions they need to do their work and
no more.
Incorrect Answers:
B: A mandatory vacation policy requires all users to take time away from work to refresh.
C: Discretionary Access Control makes allowance for flexibility on access control within the company
which is to be avoided in this scenario.
D: Rotating jobs would mean that all the employees will at any one time still have authority to sign
checks.Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 25, 151, 153