Ann the security administrator has been reviewing logs and has found several overnight sales personnel
are accessing the finance department’s network shares. Which of the following security controls should
be implemented to BEST remediate this?
A.
Mandatory access
B.
Separation of duties
C.
Time of day restrictions
D.
Role based access
The overnight SALES personnel are supposed to work overnight. They are not supposed to access the FINANCE department data. I would think that D. Role based access would be the answer.
0
0
I agree. Why they should have access at the first place?!!!!
0
0
These are Sales personnel:
** Accessing the finance department’s network shares
** Which they should not have access to in the first place
** At any time of the day (day or night)
The sales personnel do their work after hours as they are “overnight” workers
So what we need to do is to restrict access so that the sales people do not access the finance’s department shared folders.
Hence I concur that that “D. Role based access” is the only possible answer.
0
0