Exam PT0-002
Question 183

A penetration tester discovers during a recent test that an employee in the accounting department had been making changes to a payment system and redirecting money into a personal bank account. The penetration test was immediately stopped. Which of the following would be the BEST recommendation to discourage this type of activity in the future?

A. Enforce mandatory employee vacations
B. Implement multifactor authentication
C. Install video surveillance equipment in the office
D. Encrypt passwords for bank account information

    Correct Answer: A

    Enforcing mandatory employee vacations is an effective fraud prevention strategy. It requires employees to take time off, so that their work is temporarily handled by others who may detect any ongoing fraudulent activity. Schemes that depend on one individual's continuous control of a process tend to surface when someone else steps in and notices discrepancies or irregularities. Multifactor authentication improves security by requiring multiple forms of verification, but it does not address employees abusing access they legitimately hold. Video surveillance and password encryption bolster security, but neither specifically targets internal fraud. Therefore, enforcing mandatory employee vacations is the best recommendation to discourage this type of activity in the future.

Discussion
kapen (Option: A)

Common question in the CompTIA CySA+ course. Job rotation stops this kind of issue in the workplace.

mad755

Agreed. Seen before, and employee vacations is usually the answer. People don't want to get caught slipping by their peers.

BOYA2022 (Option: A)

If the employee already works in the accounting department, MFA will not stop their actions because they'll already have access by virtue of their job.

Debbi12

Mandatory employee vacations still wouldn't discourage such activity. What about after the employee comes back from vacation? I think it's C. Two-person authentication is a type of MFA that requires two individuals to be involved in the authentication process. For example, one person may enter a password, while another person provides a secondary form of verification, such as a biometric or a code sent to a phone.

[Removed]

A is answer

Paula77

You are confusing MFA with Four Eyes Principle, which are two different things.

masso435 (Option: A)

It's A.

kloug

aaaaaaaaaaa

[Removed] (Option: A)

Pretty sure this was on Sec+. I vaguely remember Professor Messer mentioning something about this when covering insider threats. Regardless, this happened at a bank near me. Controller in accounts receivable department embezzled over $100K over 10 years. Never took PTO. The CFO finally forced her to take vacation and during that time, they discovered she had been stealing.

solutionz (Option: A)

Among these options, enforcing mandatory employee vacations (Option A) would be the best recommendation, as it could help uncover fraudulent activities that require continuous action by the employee. It may force the fraudulent employee to delegate his tasks, and inconsistencies might be detected during his absence. However, this measure should be part of a broader strategy to monitor for and prevent insider threats, including implementing robust access controls, segregation of duties, continuous monitoring, and regular audits.
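
As an added illustration of how the controls discussed here (mandatory leave, segregation of duties, regular audit of payee changes) turn into a detective check, the following is example code written for this page, not taken from the exam or any vendor. All records are constructed sample data; the field layout and thresholds are assumptions.

```python
from datetime import date

# Constructed sample data, not from the page. Payee bank-account changes as a
# payment system might log them: (change_date, editor, approver, payee_id, new_account).
CHANGES = [
    (date(2024, 3, 4), "alice", "bob", "vendor-17", "DE00-1111"),
    (date(2024, 3, 9), "carol", "carol", "vendor-42", "DE00-9999"),
    (date(2024, 4, 2), "carol", "carol", "vendor-42", "DE00-9999"),
    (date(2024, 5, 6), "carol", "dave", "vendor-42", "DE00-9999"),
    (date(2024, 5, 7), "dave", "dave", "vendor-03", "DE00-2222"),
]
# Constructed HR leave records: (employee, leave_start, leave_end), inclusive.
LEAVE = [
    ("alice", date(2024, 1, 8), date(2024, 1, 15)),
    ("bob", date(2024, 2, 12), date(2024, 2, 20)),
    ("carol", date(2022, 5, 23), date(2022, 6, 1)),
    ("dave", date(2024, 5, 6), date(2024, 5, 10)),
]

def four_eyes_violations(changes):
    """Changes the editor approved themselves: segregation of duties was bypassed."""
    return [c for c in changes if c[1] == c[2]]

def overdue_for_leave(leave, today, max_days=365):
    """Employees whose most recent leave ended more than max_days ago (assumed threshold)."""
    last_end = {}
    for user, _, end in leave:
        last_end[user] = max(end, last_end.get(user, end))
    return sorted(u for u, end in last_end.items() if (today - end).days > max_days)

def activity_during_leave(changes, leave):
    """Changes edited by someone who was supposed to be on leave that day."""
    return [c for c in changes if any(c[1] == u and s <= c[0] <= e for u, s, e in leave)]

def risk_report(changes, leave, today, max_days=365):
    """Per editor: self-approved changes, edits made while on leave, and leave status.
    An editor who self-approves payee changes and never takes leave matches the
    pattern described in the thread and is the first record an auditor should review."""
    overdue = set(overdue_for_leave(leave, today, max_days))
    on_leave = set(activity_during_leave(changes, leave))
    report = {}
    for c in changes:
        r = report.setdefault(c[1], {"self_approved": 0, "edits_on_leave": 0,
                                     "overdue_leave": c[1] in overdue})
        r["self_approved"] += c[1] == c[2]   # bool adds 0 or 1
        r["edits_on_leave"] += c in on_leave
    return report
```

Run against the sample data with `today = date(2024, 6, 1)`, the report singles out "carol" (two self-approved redirects of the same vendor's account, no leave in two years) and flags "dave" for editing while on leave.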

AaronS1990 (Option: A)

Another appalling answer. This is definitely A

nickwen007 (Option: B)

B. Implement multifactor authentication would be the best recommendation to discourage this type of activity in the future. Multi-factor authentication requires a user to verify their identity through more than just a username and password, such as a one-time code sent to their email or mobile phone. This makes it much harder for unauthorized users to gain access to accounts, thus preventing this type of malicious activity in the future.

[Removed]

A is correct

nickwen007

Enforcing mandatory employee vacations would not necessarily discourage this type of activity in the future, as it would not prevent an individual from having access to financial information when they are in the office. Implementing multifactor authentication, on the other hand, would make it much more difficult for an individual to gain unauthorized access to the financial information, and is therefore the best recommendation in this situation.

[Removed]

https://www.google.com/url?sa=t&source=web&rct=j&url=https://www.examtopics.com/discussions/comptia/view/66648-exam-pt1-002-topic-1-question-47-discussion/&ved=2ahUKEwiey7Ld9dP9AhWQxQIHHcjTCwQQFnoECAgQAQ&usg=AOvVaw15MWiv1jaZi4PXI7fqrqwK

A 100% correct answer

Etc_Shadow28000 (Option: A)

A. Enforce mandatory employee vacations:
• Enforcing mandatory employee vacations is a well-known fraud prevention strategy. It ensures that employees must take time away from their duties, which can disrupt and potentially expose ongoing fraudulent activities. When an employee is away, their work is often handled by another person, who might notice discrepancies or irregularities that could indicate fraud.

Etc_Shadow28000

B. Implement multifactor authentication:
• While multifactor authentication (MFA) enhances security by adding additional layers of verification, it primarily protects against unauthorized access. It does not directly address internal fraud or the issue of employees with legitimate access abusing their privileges.

C. Install video surveillance equipment in the office:
• Video surveillance can be useful for monitoring physical security and deterring some types of misconduct. However, it is less effective at preventing and detecting complex fraudulent activities that occur through electronic systems.

D. Encrypt passwords for bank account information:
• Encrypting passwords is a good security practice for protecting sensitive information, but it does not address the issue of an employee abusing legitimate access to systems to commit fraud. Encryption protects data in storage and transit but does not prevent misuse by authorized users.

Paula77 (Option: A)

No doubt A is the right answer

deeden (Option: B)

I think B is more relevant here, just like our current payment system where you get an OTP to transfer funds. Mandatory vacation does not really discourage this behavior unless a dedicated auditor who knows what he/she is looking for checks every money transfer made, which would appear as legal transactions, and that could be millions.