Question

A security administrator is updating corporate policies to respond to an incident involving collusion between two systems administrators that went undetected for more than six months.

Which of the following policies would have MOST likely uncovered the collusion sooner? (Choose two.)

A. Mandatory vacation
B. Separation of duties
C. Continuous monitoring
D. Incident response
E. Time-of-day restrictions
F. Job rotation

Answer 1

Corporate policies such as mandatory vacation and job rotation are effective in uncovering collusion between systems administrators by disrupting continuous control and increasing scrutiny through the rotation of duties.

Step-by-step explanation:

To uncover collusion between two systems administrators, the corporate policies that would most likely have been effective are mandatory vacation and job rotation. These policies can help reveal fraudulent activities since they require employees to take time off and alternate their job roles, respectively. This change in routine can expose illicit activities that the individuals may have been able to cover up through constant control over their work environment.

Mandatory vacation forces an employee to be away from their position for a substantial period, allowing others to take over their duties. This can reveal discrepancies or malicious activities that a colluding party may be hiding.

Job rotation encourages employees to move between different roles, which can prevent the development of singular control points where collusion could occur. It also allows for cross-training of staff, which may result in the early detection of inconsistencies or unauthorized practices.