CompTIA PenTest+ (PT0-002) — Question 74

A penetration tester discovers during a recent test that an employee in the accounting department had been making changes to a payment system and redirecting money into a personal bank account. The penetration test was immediately stopped. Which of the following would be the BEST recommendation to discourage this type of activity in the future?

Answer options

• A. Enforce mandatory employee vacations.
• B. Implement multifactor authentication.
• C. Install video surveillance equipment in the office.
• D. Encrypt passwords for bank account information.

Correct answer: A

Explanation

Enforcing mandatory employee vacations can help prevent and uncover fraudulent activities, as it forces employees to take time off and allows for audits in their absence. The other options, while useful for security, do not specifically address employee misconduct and may not deter someone from committing fraud if they are still in their position.