What would be the MOST effective control for enforcing accountability among database users accessing sensitive information?

Prev Question
Next Question

What would be the MOST effective control for enforcing accountability among database users
accessing sensitive information?

A.
implement a log management process

B.
implement a two-factor authentication

C.
Use table views to access sensitive data

D.
Separate database and application servers

Explanation:
Accountability means knowing what is being done by whom. The best way to enforce the principle
is to implement a log management process that would create and store logs with pertinent
information such as user name, type of transaction and hour. Choice B, implementing a two-factor
authentication, and choice C, using table views to access sensitive data, are controls that would
limit access to the database to authorized users but would not resolve the accountability problem.
Choice D may help in a better administration or even in implementing access controls but, again,
does not address the accountability issues.

Prev Question
Next Question

Leave a Reply

Your email address will not be published. Required fields are marked *