CAS-005 · Question #323
CAS-005 Question #323: Real Exam Question with Answer & Explanation
The correct answer is C: Set up policies and systems with separation of duties.. Separation of duties is a key security practice that ensures no single individual has the capability to perform all tasks required to deploy artifacts into the production environment. By separating responsibilities, such as development and production deployment, the organization
Question
An organization is working to secure its development process to ensure developers cannot deploy artifacts directly into the production environment. Which of the following security practice recommendations would be the best to accomplish this objective?
Options
- AImplement least privilege access to all systems.
- BRoll out security awareness training for all users.
- CSet up policies and systems with separation of duties.
- DEnforce job rotations for all developers and administrators.
- EUtilize mandatory vacations for all developers.
- FReview all access to production systems on a quarterly basis.
Explanation
Separation of duties is a key security practice that ensures no single individual has the capability to perform all tasks required to deploy artifacts into the production environment. By separating responsibilities, such as development and production deployment, the organization can prevent unauthorized or accidental changes in production systems. This directly addresses the requirement that developers should not deploy artifacts into production, enhancing the security and integrity of the deployment process.
Community Discussion
No community discussion yet for this question.