CISSP-ISSMP Question #123: Real Exam Question with Answer & Explanation
The correct answer is A: Implement separation of duties. If no single employee has total control over a process (like setting up remote access), then no individual can compromise security. Having more than one person involved in any key process, by separating duties, will help prevent both intentional and unintentional security breaches.
Question
You work as the Network Administrator for a defense contractor. Your company works with sensitive materials and all IT personnel have at least a secret level clearance. You are still concerned that one individual could perhaps compromise the network (intentionally or unintentionally) by setting up improper or unauthorized remote access. What is the best way to avoid this problem?
Options
- A. Implement separation of duties.
- B. Implement RBAC.
- C. Implement three-way authentication.
- D. Implement least privileges.
Explanation
If no single employee has total control over a process (like setting up remote access), then no individual can compromise security. Having more than one person involved in any key process, by separating duties, will help prevent both intentional and unintentional security breaches.
Answer option D is incorrect. Least privileges simply means each user has only those privileges needed to do their job tasks. Someone must have the authorization to create remote links; therefore, least privileges won't help.
Answer option C is incorrect. No method of authenticating users will address the issue of an authorized administrator creating a security breach.
Answer option B is incorrect. No method of access control will address the issue of an authorized administrator creating a security breach.