PrepAway - Latest Free Exam Questions & Answers

Which of the following are functions that are compatible in a properly segregated environment?

A. Security administration and quality assurance

B. Security administration and data entry

C. Security administration and application programming

D. Application programming and data entry

Explanation:
Security Administration and Quality Assurance are the most similar tasks.

Administrative Management: Administrative management is a very important piece of operational security. One aspect of administrative management is dealing with personnel issues. This includes separation of duties and job rotation. The objective of separation of duties is to ensure that one person acting alone cannot compromise the company’s security in any way. High-risk activities should be broken up into different parts and distributed to different individuals. This way the company does not need to put a dangerously high level of trust on certain individuals and if fraud were to take place, collusion would need to be committed, meaning more than one person would have to be involved in the fraudulent activity.

Separation of duties also helps to prevent many different types of mistakes that can take place if one person is performing a task from the beginning to the end. For instance, a programmer should not be the one to test her own code. A different person with a different job and agenda should perform functionality and integrity testing on the programmer’s code because the programmer may have a focused view of what the program is supposed to accomplish and only test certain functions, input values, and in certain environments.

Another example of separation of duties is the difference between the functions of a computer operator versus the functions of a system administrator. There must be clear-cut lines drawn between system administrator duties and computer operator duties. This will vary from environment to environment and will depend on the level of security required within the environment. The system administrators usually have responsibility of performing backups and recovery procedures, setting permissions, adding and removing users, setting user clearance, and developing user profiles. The computer operator, on the other hand, may be allowed to install software, set an initial password, alter desktop configurations, and modify certain system parameters. The computer operator should not be able to modify her own security profile, add and remove users globally, or set user security clearance. This would breach the concept of separation of duties.

Pg 808-809 Shon Harris: All-In-One CISSP Certification

