Which practice ensures that no single individual has full control by distributing duties?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which practice ensures that no single individual has full control by distributing duties?

Explanation:
Separation of duties is the practice of dividing responsibilities so that no single person has end-to-end control over a process. By splitting tasks among different people and requiring checks or approvals from others, you create a system of checks and balances that makes fraud, errors, or malicious actions harder to carry out unnoticed. Rotating duties further strengthens this by periodically switching roles, so no one person remains in a position of unchecked power and so others can notice unusual activity from a fresh perspective. For example, in financial processes, one person might initiate a payment while another approves it. In software changes, someone documents the change, someone else reviews it, and a separate person applies it, with logs checked by another team member. This approach directly prevents a single individual from having all the control needed to complete a harmful action without detection. Least privileges focuses on giving each user only the minimum rights they need, which reduces risk but doesn’t inherently ensure that no single person can complete a whole process. Insider risk controls cover broad measures to address threats from within the organization but aren’t the specific practice of distributing duties. OhPhish is a phishing-awareness tool, not a control for distributing responsibilities.

Separation of duties is the practice of dividing responsibilities so that no single person has end-to-end control over a process. By splitting tasks among different people and requiring checks or approvals from others, you create a system of checks and balances that makes fraud, errors, or malicious actions harder to carry out unnoticed. Rotating duties further strengthens this by periodically switching roles, so no one person remains in a position of unchecked power and so others can notice unusual activity from a fresh perspective.

For example, in financial processes, one person might initiate a payment while another approves it. In software changes, someone documents the change, someone else reviews it, and a separate person applies it, with logs checked by another team member. This approach directly prevents a single individual from having all the control needed to complete a harmful action without detection.

Least privileges focuses on giving each user only the minimum rights they need, which reduces risk but doesn’t inherently ensure that no single person can complete a whole process. Insider risk controls cover broad measures to address threats from within the organization but aren’t the specific practice of distributing duties. OhPhish is a phishing-awareness tool, not a control for distributing responsibilities.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy