Which of the following, if properly implemented, would prevent users from accessing files that are unrelated to
their job duties? (Choose two.)
Separation of duties
Time of day restrictions
Separation of duties means that users are granted only the permissions they need to do their work and no
more. More so it means that you are employing best practices. The segregation of duties and separation of
environments is a way to reduce the likelihood of misuse of systems or information. A separation of duties
policy is designed to reduce the risk of fraud and to prevent other losses in an organization.
A least privilege policy should be used when assigning permissions. Give users only the permissions that they
need to do their work and no more.