CompTIA Security+ (SY0-501) — Question 298
An audit has revealed that database administrators are also responsible for auditing database changes and backup logs.
Which of the following access control methodologies would BEST mitigate this concern?
Answer options
- A. Time of day restrictions
- B. Principle of least privilege
- C. Role-based access control
- D. Separation of duties
Correct answer: D
Explanation
The correct answer is D, Separation of duties. It ensures that no single individual has control over all aspects of a critical function, which prevents conflicts of interest and reduces the risk of fraud. In this scenario, the database administrators who make the changes are also the ones auditing them. The other options, while useful, do not specifically address overlapping responsibilities of this kind, which weaken auditing and accountability.