(ISC)2 SSCP (2019) Question of the Day #68

(ISC)2 SSCP (2019) Question of the Day #68

An accounting employee at Doolittle Industries was recently arrested for participation in an embezzlement scheme. The employee transferred money to a personal account and then shifted funds around between other accounts every day to disguise the fraud for months. Which one of the following controls might have best allowed the earlier detection of this fraud?

A. Separation of duties
B. Least privilege
C. Defence in depth
D. Mandatory vacation



 Scroll down for answer




Save 10-50% on computers & electronics

Answer D

Mandatory vacation programs require that employees take continuous periods of time off each year and revoke their system privileges during that time. This will ideally disrupt any attempt to engage in the cover-up actions necessary to hide fraud and result in exposing the threat. Separation of duties, least privilege, and defence in depth controls all may help prevent the fraud in the first place but are unlikely to speed the detection of fraud that has already occurred.


See more (ISC)2 SSCP (2019) Question of the Day questions and answers.


Also see: Certified Ethical Hacker v10 Question of the Day

Also see: CISSP Certified Information Systems Security Professional Question of the Day


Cyber Help and Advice and Cyber Security News


 Do you want to read more about the Cyber and Tech World? Follow us on Facebook or Twitter

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

back to top


Cyber Exams


Follow Us


Sign up to keep in touch!

Be the first to hear the latest Cyber and Tech News straight to your mailbox.

Check out our Privacy Policy & Terms of use
You can unsubscribe from email list at any time