The Chief Security Officer (CSO) is concerned about misuse of company assets and wishes to
determine who may be responsible. Which of the following would be the BEST course of action?
A.
Create a single, shared user account for every system that is audited and logged based upon
time of use.
B.
Implement a single sign-on application on equipment with sensitive data and high-profile
shares.
C.
Enact a policy that employees must use their vacation time in a staggered schedule.
D.
Separate employees into teams led by a person who acts as a single point of contact for
observation purposes.