Hi there,
What I understand, there are two cases when a
collusion is expected.
1) If some one wants to get un-authorised access. (to
defeat a preventive control)
2) If some one is caught and wants not to be
highlighted. (to defeat a detective control)
The question says "in order to get access to data"
which means that a mishap has not taken place as yet.
I mean he still do not have a certain access. So he
should collude with the one who has authorization
rights to get un-authorised access.
Mr. Kasturi commented "I think 1 is corect. Collusion
is necessitated only
when the person
doesnt have access to a particular function"
What I believe collusion can also be observed if
someone is caught by another person if he is doing
something wrong and his job has been rotated.
Please correct me if I am wrong..
best Regards,
--- Kasturi Narahari Rao
<naraharirao.kasturi@cmcltd.com> wrote:
Hi...
I think 1 is corect. Collusion is necessitated only
when the person
doesnt have access to a particular function. Only
option 1 talks
about 'limiting the local access of operations
personnel', in which
case he/she has to necessarily collude with another
operator who has
the necessary autjhorization for access, so as to
access data to
which he/she is not authorized because 'access was
limited '.
Regards
Narahari
--- In CISSP-Discuss@yahoogroups.com, "Mooney
Sherman"
<Mooney.Sherman@g...> wrote:
Hi Waheed:
I would say - 2- Job rotation of operations
personnel.because this
may provide access to various unauthorized resources
at different
times by various personnel - so it would be
difficult to audit and
keep track of the unauthorized data and how it is
used. Unless
auditing was turned on for authorized/unauthorized
and reviewed
deligently to see who is accessing what - this may
help in tracking
the culprit but won't prevent the damage from
occuring.
Cheers
Mooney
-----Original Message-----
From: CISSP-Discuss@yahoogroups.com [mailto:CISSP-
Discuss@yahoogroups.com]On Behalf Of Waleed Omer
Sent: Tuesday, November 29, 2005 8:05 AM
To: CISSP-Discuss@yahoogroups.com
Subject: [CISSP-D] Question
Dear Colleagues,
I would like to know if you have a definite answer
for this quiz:
Which of the following security controls might
force an operator
into collusion with personnel assigned
organizationally within
different function in order to gain access to
unauthorized data?
1- Limiting the local access of operations
personnel.
2- Job rotation of operations personnel.
3- Management monitoring of audit logs.
4- Enforcing regular password changes.
Thanks & Regards,
Waleed Omar
_____
YAHOO! GROUPS LINKS
* Visit your group " CISSP-Discuss
<http://groups.yahoo.com/group/CISSP-Discuss> " on
the web.
* To unsubscribe from this group, send an email
to:
CISSP-Discuss-unsubscribe@yahoogroups.com
<mailto:CISSP-Discuss-
unsubscribe@yahoogroups.com?subject=Unsubscribe>
* Your use of Yahoo! Groups is subject to the
Yahoo! Terms of
Service <http://docs.yahoo.com/info/terms/> .
_____
-------------------------------------------------------------------
---------
This communication is intended for the use of the
recipient to
which it is addressed, and may contain confidential,
personal, and
or privileged information. Please contact us
immediately if you are
not the intended recipient of this communication,
and do not copy,
distribute, or take action relying on it. Any
communication received
in error, or subsequent reply, should be deleted or
destroyed.
-------------------------------------------------------------------
---------
This communication is intended for the use of the
recipient to
which it is addressed, and may contain confidential,
personal, and
or privileged information. Please contact us
immediately if you are
not the intended recipient of this communication,
and do not copy,
distribute, or take action relying on it. Any
communication received
in error, or subsequent reply, should be deleted or
destroyed.
SYED ALI ABBAS
Technology & Security Risk Services
SIDAT HYDER MORSHED ASSOCIATES (PVT) LTD
Management Consultants
A Member of Ernst & Young International
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
------------------------ Yahoo! Groups Sponsor --------------------~-->
Get Bzzzy! (real tools to help you find a job). Welcome to the Sweet Life.
http://us.click.yahoo.com/KIlPFB/vlQLAA/TtwFAA/kgFolB/TM
--------------------------------------------------------------------~->
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/CISSP-Discuss/
<*> To unsubscribe from this group, send an email to:
CISSP-Discuss-unsubscribe@yahoogroups.com
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
