Which of the following policies helps reduce the potential damage from the actions of one person?
A.
CSA
B.
Risk assessment
C.
Separation of duties
D.
Internal audit
Explanation:
Separation of duties (SoD) is the concept of having more than one person required to complete a
task. It is alternatively called segregation of duties or, in the political realm, separation of powers.
Segregation of duties helps reduce the potential damage from the actions of one person. IS or enduser department should be organized in a way to achieve adequate separation of duties. According
to ISACA’s Segregation of Duties Control matrix, some duties should not be combined into one
position. This matrix is not an industry standard, just a general guideline suggesting which positions
should be separated and which require compensating controls when combined.
Answer option A is incorrect. Cisco Security Agent (CSA) is an endpoint intrusion prevention system.
It is rule-based and examines system activity and network traffic, determining which behaviors are
normal and which may indicate an attack. CSA uses a two or three-tier client-server architecture. The
Management Center ‘MC’ (or Management Console) contains the program logic; an MS SQL
database backend is used to store alerts and configuration information; the MC and SQL database
may be co-resident on the same system. The Agent is installed on the desktops and/or servers to be
protected. The Agent communicates with the Management Center, sending logged events to the
Management Center and receiving updates in rules when they occur.
Answer option D is incorrect. Internal auditing is a profession and activity involved in helping
organizations achieve their stated objectives. It does this by using a systematic methodology for
analyzing business processes, procedures and activities with the goal of highlighting organizational
problems and recommending solutions.
Answer option B is incorrect. Risk assessment is a step in a risk management process.