Prepare for the CySA+ Exam with our comprehensive test. Study using flashcards and multiple-choice questions that include hints and explanations to ensure your success. Get exam-ready today!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!


Which of the following security policies could help detect fraudulent cases that occur even when other security controls are already in place?

  1. Separation of duties

  2. Least privilege

  3. Dual control

  4. Mandatory vacations

The correct answer is: Mandatory vacations

Mandatory vacations are an effective security policy for detecting fraudulent cases, especially in environments where employees may have the opportunity to commit fraud over extended periods. This policy requires employees to take time off from their job responsibilities for a certain period, which can reveal any discrepancies or fraudulent activities that may have gone unnoticed. During the employee's absence, their work can be audited or reviewed by others, allowing for the detection of unusual activities that may indicate fraud.

Implementing mandatory vacations interrupts the continuity of an employee's tasks, thus exposing any potential fraudulent actions they may have engaged in when they were in control. It serves as a deterrent since employees may fear getting caught if they know that their work will be scrutinized during their absence.

While options like separation of duties and dual control also provide fraud prevention measures, they focus on preventing a single individual from having too much control or responsibility over a process, rather than actively detecting fraud. Least privilege restricts access to only what is necessary for job performance, but it does not directly lead to discovering fraud once established processes are compromised.