1) Discuss “separation of duties” and explain how this concept makes it difficult for an individual to violate InfoSec a
Posted: Sun Jul 03, 2022 4:26 pm
1) Discuss “separation of duties” and explain how this conceptmakes it difficult for an individual to violate InfoSec and reachthe confidentiality, integrity, or availability of information.
2) Compare separation of duties to the concept of two-personcontrol, Use Figure 9-2 in your discussion.
3) Discuss some of the other controls used to prevent personnelfrom misusing information assets in detail: a) job rotation andtask rotation b) mandatory vacation policy c) need to know andleast privilege.
4) Why are organizations required by law to protect sensitive orpersonal employee information. Give example
Two-person control Team members review each other's work Separation of duties Work is divided up. Each team member performs only his or her portion of the task sequence Figure 9-2 Personnel security controls
2) Compare separation of duties to the concept of two-personcontrol, Use Figure 9-2 in your discussion.
3) Discuss some of the other controls used to prevent personnelfrom misusing information assets in detail: a) job rotation andtask rotation b) mandatory vacation policy c) need to know andleast privilege.
4) Why are organizations required by law to protect sensitive orpersonal employee information. Give example
- 1 Discuss Separation Of Duties And Explain How This Concept Makes It Difficult For An Individual To Violate Infosec A 1 (693.12 KiB) Viewed 14 times