According to IIA guidance on IT, which of the following strategies would provide the most effective access control over an automated point-of-sale system?
According to IIA guidance on IT, which of the following strategies would provide the most effective access control over an automated point-of-sale system?
Providing the most effective access control over an automated point-of-sale system requires setting data availability based on user need. This ensures that users only have access to the data necessary for their roles, thereby minimizing the potential for unauthorized access or misuse. This strategy aligns directly with the principle of least privilege and is the most effective method for managing access control in such systems.
C is correct because the question is about access to the system which has to do with users. B is incorrect because it talks about encryption which is related to data protection.
why not D?
Correct question: Why not B? (D is definitely not the correct answer). But B seems a plausible reply