CompTIA Security+ (SY0-501) — Question 20

A manager suspects that an IT employee with elevated database access may be knowingly modifying financial transactions for the benefit of a competitor. Which of the following practices should the manager implement to validate the concern?

Answer options

• A. Separation of duties
• B. Mandatory vacations
• C. Background checks
• D. Security awareness training

Correct answer: A

Explanation

The correct answer is A, Separation of duties, as it helps prevent any single individual from having control over all aspects of a financial transaction, thereby reducing the risk of fraud. Options B, C, and D are valuable practices but do not directly address the immediate concern of verifying unauthorized modifications to financial transactions.