Which of the following can be prevented by an organization using job rotation and separation of
duties policies?
A.
Collusion
B.
Eavesdropping
C.
Buffer overflow
D.
Phishing
Explanation:
Collusion can be prevented by an organization using job rotation and separation of duties (SoD)
policies.
Separation of duties is the concept and a part of an organization’s policy of having more than one
person required to complete a task. It implements an appropriate level of checks and balances upon
the activities of individuals. With the concept of SoD, business critical duties can be categorized into
four types of functions: authorization, custody, record keeping, and reconciliation. In a perfect
system, no person should handle more than one type of function. Separation of duties helps reduce
the potential damage from the actions of one person. As an organization’s policy it also helps to
prevent collusion.
Answer option B is incorrect. Eavesdropping is the process of listening in private conversations. It
also includes attackers listening in on the network traffic. For example, it can be done over
telephone lines (wiretapping), e-mail, instant messaging, and any other method of communication
considered private.
Answer option C is incorrect. Buffer overflow is a condition in which an application receives more
data than it is configured to accept. It helps an attacker not only to execute a malicious code on the
target system but also to install backdoors on the target system for further attacks.
All buffer overflow attacks are due to only sloppy programming or poor memory management by
the application developers. The main types of buffer overflows are: