which of the following individuals has update rights to the database access control list (ACL)?

The “separation of duties” principle is violated if which of the following individuals has update
rights to the database access control list (ACL)?

The “separation of duties” principle is violated if which of the following individuals has update
rights to the database access control list (ACL)?

A.
Data owner

B.
Data custodian

C.
Systems programmer

D.
Security administrator

Explanation:

A systems programmer should not have privileges to modify the access control list (ACL) because
this would give the programmer unlimited control over the system. The data owner would request
and approve updates to the ACL, but it is not a violation of the separation of duties principle if the
data owner has update rights to the ACL. The data custodian and the security administrator could
carry out the updates on the ACL since it is part of their duties as delegated to them by the data
owner.



Leave a Reply 0

Your email address will not be published. Required fields are marked *