CompTIA CASP+ (CAS-004) — Question 249

A company is designing a new system that must have high security. This new system has the following requirements:

• Permissions must be assigned based on role.
• Fraud from a single person must be prevented.
• A single entity must not have full access control.

Which of the following can the company use to meet these requirements?

Answer options

A. Dual responsibility
B. Separation of duties
C. Need to know
D. Least privilege

Correct answer: B

Explanation

The correct answer is B, Separation of duties, as it ensures that no single individual has control over all aspects of a critical process, thus preventing fraud. Option A, Dual responsibility, does not specifically address the need for role-based permissions or fraud prevention. Option C, Need to know, focuses on information access rather than access control responsibilities. Option D, Least privilege, restricts user access but does not inherently prevent a single person from having too much control.