CERTIFIED-IN-CYBERSECURITY Question #376: Real Exam Question with Answer & Explanation
The correct answer is B: Mandatory vacation.
Question
What security principle can help detect fraudulent behavior, such as employees transferring funds to their personal accounts?
Options
- A. Least privilege
- B. Mandatory vacation
- C. Separation of duties
- D. Zero Trust
Explanation
Mandatory vacation would be the primary measure to identify employees transferring funds to a personal account (see ISC2 Study Guide, Chapter 3, Module 1). Separation of duties ensures that no single individual has complete control over a process, while least privilege restricts user access to only necessary functions. Zero Trust is a security concept or framework that assumes no trust for any entity, regardless of whether it is inside or outside an organization's network perimeter. Mandatory vacation, however, is the primary measure to identify employees transferring funds to a personal account and reallocating funds between accounts, because it provides a period of time in which the activity can be monitored and any suspicious activity can be identified.