Which of the following can result in significant administrative overhead from incorrect reporting?
A. Job rotation
B. Acceptable usage policies
C. False positives
D. Mandatory vacations
CompTIA exam questions
Which of the following can result in significant administrative overhead from incorrect reporting?
A. Job rotation
B. Acceptable usage policies
C. False positives
D. Mandatory vacations
Everyone in the accounting department has the ability to print and sign checks. Internal audit has asked that only one group of employees may print checks while only two other employees may sign the checks. Which of the following concepts would enforce this process?
A. Separation of Duties
B. Mandatory Vacations
C. Discretionary Access Control
D. Job Rotation
Privilege creep among long-term employees can be mitigated by which of the following procedures?
A. User permission reviews
B. Mandatory vacations
C. Separation of duties
D. Job function rotation
In order to prevent and detect fraud, which of the following should be implemented?
A. Job rotation
B. Risk analysis
C. Incident management
D. Employee evaluations
A company that has a mandatory vacation policy has implemented which of the following controls?
A. Risk control
B. Privacy control
C. Technical control
D. Physical control
Two members of the finance department have access to sensitive information. The company is concerned they may work together to steal information. Which of the following controls could be implemented to discover if they are working together?
A. Least privilege access
B. Separation of duties
C. Mandatory access control
D. Mandatory vacations
Which of the following types of risk reducing policies also has the added indirect benefit of cross training employees when implemented?
A. Least privilege
B. Job rotation
C. Mandatory vacations
D. Separation of duties
Ann works at a small company and she is concerned that there is no oversight in the finance department; specifically, that Peter writes, signs and distributes paycheques, as well as other expenditures. Which of the following controls can she implement to address this concern?
A. Mandatory vacations
B. Time of day restrictions
C. Least privilege
D. Separation of duties
A security administrator notices that a specific network administrator is making unauthorized changes to the firewall every Saturday morning. Which of the following would be used to mitigate this issue so that only security administrators can make changes to the firewall?
A. Mandatory vacations
B. Job rotation
C. Least privilege
D. Time of day restrictions
Mandatory vacations are a security control which can be used to uncover which of the following?
A. Fraud committed by a system administrator
B. Poor password security among users
C. The need for additional security staff
D. Software vulnerabilities in vendor code