CompTIA Security+ (SY0-501) — Question 898

A chief Financial Officer (CFO) has asked the Chief Information Officer (CISO) to provide responses to a recent audit report detailing deficiencies in the organization security controls. The CFO would like to know ways in which the organization can improve its authorization controls.
Given the request by the CFO, which of the following controls should the CISO focus on in the report? (Choose three)

Answer options

• A. Password complexity policies
• B. Hardware tokens
• C. Biometric systems
• D. Role-based permissions
• E. One time passwords
• F. Separation of duties
• G. Multifactor authentication
• H. Single sign-on
• I. Lease privilege

Correct answer: D, F, I

Explanation

The correct controls to focus on are Role-based permissions, Separation of duties, and Least privilege, as they directly enhance authorization by ensuring users have appropriate access levels, reducing the risk of unauthorized actions. Password complexity policies, hardware tokens, and other options improve security overall but do not specifically target authorization controls.