Detective Administrative Controls
Question
Which of the following is NOT a form of detective administrative control?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.C.
Detective administrative controls warn of administrative control violations.
Rotation of duties, required vacations and security reviews and audits are forms of detective administrative controls.
Separation of duties is the practice of dividing the steps in a system function among different individuals, so as to keep a single individual from subverting the process, thus a preventive control rather than a detective control.
Source: DUPUIS, Cl?ment, Access Control Systems and Methodology CISSP Open Study Guide, version 1.0 (march 2002).
Detective administrative controls are used to identify or detect security incidents, breaches or anomalies after they have occurred. These controls are designed to provide feedback to administrators and auditors about the effectiveness of other security measures in place and identify areas for improvement.
Let's look at the options given to identify which one is not a form of detective administrative control:
A. Rotation of duties: This is a form of detective control as it can identify anomalies or discrepancies when an employee rotates duties or job responsibilities. It helps to identify if an employee is intentionally or unintentionally violating security policies.
B. Required vacations: This is also a form of detective control as it can help identify if an employee has been involved in fraud or other malicious activities. When an employee goes on vacation, another employee takes over their duties, and this can help identify anomalies or suspicious activities.
C. Separation of duties: This is a detective control that helps prevent fraud or errors by requiring that multiple individuals have to work together to complete a task. This control can detect anomalies or discrepancies when one individual tries to circumvent the system.
D. Security reviews and audits: This is a form of detective control that involves periodically reviewing and auditing security policies, procedures, and systems. This can identify areas where policies are not being followed, and security breaches or incidents have occurred.
Therefore, based on the above, the answer is none. All of the options given are forms of detective administrative control.
