CISSP® Official Study Guide, Eighth Edition



(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Two-Person Control
Two-person control (often called the two-man rule) requires the approval of two individuals
for critical tasks. For example, safe deposit boxes in banks often require two keys. A
bank employee controls one key and the customer holds the second key. Both keys are
required to open the box, and bank employees allow a customer access to the box only
after verifying the customer’s identification.

Using two-person controls within an organization ensures peer review and reduces the
likelihood of collusion and fraud. For example, an organization can require two individuals
within the company (such as the chief financial officer and the chief executive officer) to
approve key business decisions. Additionally, some privileged activities can be configured
so that they require two administrators to work together to complete a task.

Split knowledge combines the concepts of separation of duties and two-person control
into a single solution. The basic idea is that the information or privilege required to perform
an operation be divided among two or more users. This ensures that no single person
has sufficient privileges to compromise the security of the environment.
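
One way to apply split knowledge to a cryptographic key, shown as an added example that is not from the study guide: an XOR split in which every custodian's share is required to rebuild the key. The function names and the sample key are assumptions made for illustration.

```python
import secrets
from functools import reduce


def xor_all(chunks):
    """XOR equal-length byte strings together, column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*chunks))


def split_secret(secret: bytes, holders: int = 2) -> list:
    """Split `secret` into one share per holder; ALL shares are needed to rebuild it."""
    if holders < 2:
        raise ValueError("split knowledge needs at least two holders")
    # holders-1 shares are random pads, so any one of them reveals nothing.
    shares = [secrets.token_bytes(len(secret)) for _ in range(holders - 1)]
    # The last share is the secret XORed with every pad.
    shares.append(xor_all([secret, *shares]))
    return shares


def combine_shares(shares, expected_holders: int) -> bytes:
    """Rebuild the secret only when every custodian has supplied a share."""
    if len(shares) != expected_holders:
        raise PermissionError(
            f"{len(shares)} of {expected_holders} custodians present; refusing"
        )
    if len({len(s) for s in shares}) != 1:
        raise ValueError("shares must all be the same length")
    return xor_all(shares)


if __name__ == "__main__":
    # Constructed sample key; in practice this would be a real master key.
    master_key = secrets.token_bytes(32)
    share_a, share_b = split_secret(master_key, holders=2)

    # Each custodian stores one share. Alone, a share is indistinguishable
    # from random bytes and does not equal the key.
    print("share A alone equals key:", share_a == master_key)

    # Both custodians present: the key is recovered.
    print("recovered:", combine_shares([share_a, share_b], 2) == master_key)

    # One custodian acting alone is refused.
    try:
        combine_shares([share_a], 2)
    except PermissionError as exc:
        print("single custodian:", exc)
```
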

Job Rotation
Further control and restriction of privileged capabilities can be implemented by using job
rotation. Job rotation (sometimes called rotation of duties) means simply that employees
are rotated through jobs, or at least some of the job responsibilities are rotated to different
employees. Using job rotation as a security control provides peer review, reduces fraud, and
enables cross-training. Cross-training helps make an environment less dependent on any
single individual.

Job rotation can act as both a deterrent and a detection mechanism. If employees know
that someone else will be taking over their job responsibilities at some point in the future,
they are less likely to take part in fraudulent activities. If they choose to do so anyway,
individuals taking over the job responsibilities later are likely to discover the fraud.
