nerdexam
(ISC)2

CERTIFIED-IN-CYBERSECURITY Question #592: Real Exam Question with Answer & Explanation

The correct answer is A: To ensure that no single user has complete control over a critical process or system.

Security Principles

Question

What is the purpose of separation of duties?

Options

  • A. To ensure that no single user has complete control over a critical process or system.
  • B. To ensure that security controls are implemented based on the perceived risk to level of each
  • C. To ensure that security policies are consistent across all resources.
  • D. To ensure that all users have equal access to all resources on a network.

Explanation

The purpose of separation of duties is to ensure that no single user has complete control over a critical process or system, in order to reduce the risk of insider threats and limit the potential damage that could be caused by a compromised account.

Topics

#separation of duties #security principles #internal controls #risk mitigation
