which of the following individuals has update rights to…

The “separation of duties” principle is violated if which of the following individuals has update rights to the
database access control list (ACL)?

The “separation of duties” principle is violated if which of the following individuals has update rights to the
database access control list (ACL)?

A.
Data owner

B.
Data custodian

C.
Systems programmer

D.
Security administrator

Explanation:

A systems programmer should not have privileges to modify the access control list (ACL) because this would give the programmer unlimited control over the system. The data owner would request and approve updates to the ACL, but it is not a violation of the separation of duties principle if the data owner has update rights to the
ACL. The data custodian and the security administrator could carry out the updates on the ACL since it is partof their duties as delegated to them by the data owner.



Leave a Reply 0

Your email address will not be published. Required fields are marked *