CompTIA CASP+ (CAS-003) — Question 86

A security engineer is attempting to convey the importance of including job rotation in a company's standard security policies. Which of the following would be the
BEST justification?

Answer options

• A. Making employees rotate through jobs ensures succession plans can be implemented and prevents single points of failure.
• B. Forcing different people to perform the same job minimizes the amount of time malicious actions go undetected by forcing malicious actors to attempt collusion between two or more people.
• C. Administrators and engineers who perform multiple job functions throughout the day benefit from being cross-trained in new job areas.
• D. It eliminates the need to share administrative account passwords because employees gain administrative rights as they rotate into a new job area.

Correct answer: B

Explanation

Option B is correct because job rotation helps prevent undetected malicious actions by requiring multiple individuals to collaborate, making it harder for a single actor to conduct fraud. Option A, while valid about succession planning, does not directly address security concerns. Option C focuses on training benefits, and Option D discusses administrative password sharing, which is less critical than the detection of malicious activities.