The two categories of the policy of separation of duty are:
A.
Dual control and aggregation control
B.
Dual control and functional separation
C.
Span of control and functional separation
D.
Inference control and functional separation
Explanation:
Dual control requires that two or more subjects act together
simultaneously to authorize an operation. A common example is the
requirement that two individuals turn their keys simultaneously in
two physically separated areas to arm a weapon. Functional separation
implies a sequential approval process such as requiring the
approval of a manager to send a check generated by a subordinate.
* Answer “Span of control and functional separation” is incorrect. Span of control refers to the
number of subordinates that can be optimally managed by a superior.
* Answer “Inference control and functional separation” is incorrect. Inference control is
implementing protections that prevent the inference of information not authorized to a user from
information that is authorized to be accessed by a user.
* Answer “Dual control and aggregation control” is incorrect, but aggregation refers to the
acquisition of large numbers of data items to obtain information that would not be available by
analyzing a small number of the data items.