An organization wants to separate permissions for individuals who perform system changes from individuals who perform auditing of those system changes.
Which of the following access control approaches is BEST suited for this?
A . Assign administrators and auditors to different groups and restrict permissions on system log files to read-only for the auditor group.
B . Assign administrators and auditors to the same group, but ensure they have different permissions based on the function they perform.
C . Create two groups and ensure each group has representation from both the auditors and the administrators so they can verify any changes that were made.
D . Assign file and folder permissions on an individual user basis and avoid group assignment altogether.
Answer: A
Leave a Reply