Access Control Methodologies for Auditing Database Changes and Backup Logs | Best Solutions

Best Access Control Methodologies for Auditing Database Changes and Backup Logs


Question

An audit has revealed that database administrators are also responsible for auditing database changes and backup logs.

Which of the following access control methodologies would BEST mitigate this concern?

Answers

Explanations


A. B. C. D.

D.

The BEST access control methodology to mitigate the concern of database administrators being responsible for auditing database changes and backup logs is the "Separation of Duties" principle.

Separation of duties (SoD) is a security principle that divides tasks and responsibilities among different individuals or groups to reduce the risk of fraudulent or malicious activity. SoD ensures that no single person has too much power or control over a critical process or system. By assigning database administration, auditing of database changes, and review of backup logs to different people, an organization can prevent any single individual from having too much control over the database and its operations. This reduces the risk of insider threats and minimizes the impact of errors made by a single individual.

Time-of-day restrictions are an access control method that limits access to resources during specific times of the day. However, they do not address the issue of database administrators being responsible for auditing and backup logs.

The principle of least privilege (PoLP) is a security concept that restricts access rights to only the necessary minimum permissions required for a user or process to perform their tasks. While it can reduce the risk of unauthorized access, it does not address the issue of database administrators being responsible for auditing and backup logs.

Role-based access control (RBAC) is a method of assigning access permissions to users based on their roles or job responsibilities. While it can help in enforcing the separation of duties, it may not be sufficient in preventing a single user from having too much control over the database and its operations.

Therefore, the BEST access control methodology to mitigate the concern of database administrators being responsible for auditing database changes and backup logs is "Separation of Duties."
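The point that RBAC alone may not enforce separation of duties can be checked mechanically. The following is an added example, not part of the original page: it expands each user's roles through a role hierarchy and reports anyone who ends up holding both a change duty and an audit duty. All role names, duty names, users and the hierarchy are constructed for illustration.

```python
# Constructed sample data (assumptions, not from the page).
ROLE_PARENTS = {                       # role -> roles it inherits from
    "dba": [],
    "db_auditor": [],
    "backup_reviewer": [],
    "db_lead": ["dba", "db_auditor"],  # convenience role that silently merges duties
}
ROLE_DUTIES = {
    "dba": {"change_database"},
    "db_auditor": {"audit_database_changes"},
    "backup_reviewer": {"audit_backup_logs"},
    "db_lead": set(),
}
USER_ROLES = {
    "alice": {"dba"},
    "bob": {"db_auditor", "backup_reviewer"},
    "carol": {"db_lead"},
    "dave": {"dba", "backup_reviewer"},
}
# Duty pairs one person must not hold together (the audit finding in the question).
CONFLICTS = [
    ("change_database", "audit_database_changes"),
    ("change_database", "audit_backup_logs"),
]

def effective_roles(roles, parents):
    """Expand directly assigned roles with everything inherited via the hierarchy."""
    seen, stack = set(), list(roles)
    while stack:
        role = stack.pop()
        if role not in seen:
            seen.add(role)
            stack.extend(parents.get(role, []))
    return seen

def sod_violations(user_roles, parents, duties, conflicts):
    """Return {user: sorted list of conflicting duty pairs that user holds}."""
    report = {}
    for user, roles in user_roles.items():
        held = set()
        for role in effective_roles(roles, parents):
            held |= duties.get(role, set())
        hits = sorted(pair for pair in conflicts if set(pair) <= held)
        if hits:
            report[user] = hits
    return report

if __name__ == "__main__":
    for user, pairs in sorted(sod_violations(USER_ROLES, ROLE_PARENTS, ROLE_DUTIES, CONFLICTS).items()):
        print(user, pairs)
```

In this sample, `carol` holds no conflicting role directly; the conflict only appears once the inherited roles of `db_lead` are expanded, which is the case a flat role review misses.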