ExamTopics Logo
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam SSCP All Questions

View all questions & answers for the SSCP exam
Go to Exam

Exam SSCP topic 1 question 210 discussion

Actual exam question from ISC's SSCP
Question #: 210
Topic #: 1
[All SSCP Questions]

Which of the following is NOT a form of detective administrative control?

  • A. Rotation of duties
  • B. Required vacations
  • C. Separation of duties
  • D. Security reviews and audits
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
Detective administrative controls warn of administrative control violations. Rotation of duties, required vacations and security reviews and audits are forms of detective administrative controls. Separation of duties is the practice of dividing the steps in a system function among different individuals, so as to keep a single individual from subverting the process, thus a preventive control rather than a detective control.
Source: DUPUIS, Cl?ment, Access Control Systems and Methodology CISSP Open Study Guide, version 1.0 (march 2002).
by JoseIRONMAN at March 13, 2022, 5:33 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Sleezyglizzy
1 day, 15 hours ago
Selected Answer: C
Research.
upvoted 1 times
...
lfrivas
1 week, 6 days ago
Selected Answer: C
Separation of duties is a preventive administrative control, not a detective one. Rotation of duties is detective as it can uncover irregularities when someone new takes over the role.
upvoted 1 times
...
nanson
5 months, 1 week ago
Selected Answer: C
Among the options provided, the choice that is NOT a form of detective administrative control is: C. Separation of duties Separation of duties is primarily a preventive administrative control used to distribute tasks and responsibilities among multiple individuals to prevent a single person from having complete control over critical functions. Detective controls focus on identifying or detecting issues after they occur, such as security reviews and audits, rotation of duties, and required vacations, aiming to discover problems or irregularities that may have already happened.
upvoted 1 times
...
Stevovo123
5 months, 2 weeks ago
Selected Answer: A
Rotation of duties is not typically considered a form of detective administrative control. Instead, it is a preventive control measure that falls under the category of administrative controls. Rotation of duties involves periodically changing an employee's job responsibilities or tasks to reduce the risk of fraud or errors.
upvoted 1 times
...
JoseIRONMAN
2 years, 1 month ago
Should this be? Which of the following is NOT a form of a preventive administrative control? Answer D
upvoted 1 times
HeyacedoGomez
1 year, 8 months ago
The question talks about DETECTIVE / ADMINISTRATIVE controls.. Separation of Duties would be more like PREVENTIVE form of control...
upvoted 1 times
CuLeBrO
1 year, 4 months ago
That's correct, Separation of Duties is Preventive, but so are Rotation of Duties and Required Vacations. I think this question is ambiguous.
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago