CompTIA Security+ (SY0-501) — Question 945
A bank requires tellers to get manager approval when a customer wants to open a new account. A recent audit shows that there have been four cases in the previous year where tellers opened accounts without management approval. The bank president thought separation of duties would prevent this from happening.
To implement a true separation-of-duties approach, the bank could:
Answer options
- A. Require the use of two different passwords held by two different individuals to open an account
- B. Administer account creation on a role-based access control approach
- C. Require all new accounts to be handled by someone else other than a teller since they have different duties
- D. Administer account creation on a rule-based access control approach
Correct answer: C
Explanation
The correct answer is C because it directly addresses the issue by ensuring that tellers, who do not have the authority for account creation, do not handle this process. Options A and B are not sufficient as they do not completely eliminate the risk of tellers engaging in unauthorized account openings. Option D is also ineffective because it does not ensure that tellers are excluded from the account creation process.