ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-003 All Questions

View all questions & answers for the CAS-003 exam
Go to Exam

Exam CAS-003 topic 1 question 309 discussion

Actual exam question from CompTIA's CAS-003
Question #: 309
Topic #: 1
[All CAS-003 Questions]

A security administrator is updating corporate policies to respond to an incident involving collusion between two systems administrators that went undetected for more than six months.
Which of the following policies would have MOST likely uncovered the collusion sooner? (Choose two.)

  • A. Mandatory vacation
  • B. Separation of duties
  • C. Continuous monitoring
  • D. Incident response
  • E. Time-of-day restrictions
  • F. Job rotation
Show Suggested Answer Hide Answer
Suggested Answer: BF 🗳️
by arnightman at Feb. 9, 2021, 8:47 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
arnightman
Highly Voted 4 years, 4 months ago
Should be...AF
upvoted 10 times
[Removed]
3 years, 8 months ago
In my opinion, Mandatory vacation, is the manager or supervisor already feels something wrong, and ask the employees do mandatory vacation to check the details. I think we can't let somebody do mandatory vacation for no reason. And the question is about update company policy.
upvoted 1 times
...
...
vorozco
Most Recent 3 years, 4 months ago
Selected Answer: AF
Answers are A. Mandatory vacation and F. Job rotation Their collusion implies that there is already a separation of duties, so that can't be an answer.
upvoted 2 times
...
D1960
3 years, 11 months ago
Without continuous monitoring, job rotation and/or mandatory vacations are pointless. The question asks what would "uncovered the collusion sooner." If you don't monitor what's going on, you are not going to uncover anything.
upvoted 1 times
...
Aixelsyd
4 years ago
The question is asking which of the options would have MOST likely uncovered the collusion. Since their job responsibilities were already separated, only A and F answer the question.
upvoted 1 times
...
D1960
4 years, 2 months ago
Maybe: C. Continuous monitoring? Maybe not: F. Job rotation? Job rotation may work fine for some jobs. Maybe staff at Walmart or McDonalds. But some sysadmin jobs can be very specialized and complex. You cannot rotate just anybody into a sysadmin job. Whatever you do to separate the sysadmins, shouldn't you also monitor for such collusion in the future? You cannot have somebody on a mandatory vacation all the time.
upvoted 1 times
...
D1960
4 years, 2 months ago
I think it depends on how they are colluding. Continuous monitoring could catch any unauthorized behavior, so that makes sense. I don't know if "separation of duties" is the best answer for this question. Anything to separate the sysadmins might make sense. If the admins are separated, and the system is monitored, then you might find that whatever was going on has stopped. So "Mandatory vacation" or "Time-of-day restrictions" or "Job rotation" might make sense.
upvoted 1 times
...
infosec208
4 years, 3 months ago
I agree. AF. B Separation of duties is WHY they collude.
upvoted 1 times
...
Trap_D0_r
4 years, 4 months ago
AF is correct.
upvoted 2 times
...
Neo2020
4 years, 4 months ago
AF Indeed. Mandatory Vacation and Job Rotation for detecting fraud and stuff.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel