
SSCP Question #337: Real Exam Question with Answer & Explanation

The correct answer is A: Limiting the local access of operations personnel.

Submitted by chen.hong · Apr 18, 2026 · Access Controls

Question

Which of the following security controls might force an operator into collusion with personnel assigned organizationally within a different function in order to gain access to unauthorized data?

Options

  • A. Limiting the local access of operations personnel
  • B. Job rotation of operations personnel
  • C. Management monitoring of audit logs
  • D. Enforcing regular password changes

Explanation

The question specifically says "within a different function", which eliminates job rotation as a choice. Management monitoring of audit logs is a detective control and would not prevent collusion. Changing passwords regularly would not prevent such an attack. This question tests whether you understand the concepts of separation of duties and least privilege. When operators have only the minimum access level they need to perform their duties within a company, the operations personnel would be forced to use collusion to defeat those security mechanisms.

Topics

#Security Controls #Separation of Duties #Least Privilege #Insider Threat
