A system is developed so that its business users can perform business functions but not user
administration functions. Application administrators can perform administration functions but not
user business functions. These capabilities are BEST described as
A.
least privilege.
B.
rule based access controls.
C.
Mandatory Access Control (MAC).
D.
separation of duties.
Separation of Duties takes place when we compare different departments also?
So you compare Admin with business managers and you say that Separation of Duties is the answer? By nature they do different job?
I thought separation of Duties is for the SAME function of work so we decrease COLLUSION
0
0
I Agree with Angelos..here separation of duties doesn’t seen to the case as the departments are different.
I believe the answer should be ‘Rule based Access Control’
Thanks
0
0
to me this is also B. rule based access controls.
0
0