ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your organization is automating its AWS deployment pipeline. Current plans give DevOps engineers permission to both merge application code into the main branch and promote the resulting build directly to the production environment. The security team is concerned this design could allow a single individual to introduce malicious code without detection. Which security concept should be applied to mitigate this risk by dividing these responsibilities among different roles?
Apply strict least-privilege permissions so each engineer can only access what is needed for daily tasks.
Introduce job rotation to move engineers between development and operations roles every few months.
Implement segregation of duties so different personnel handle code commits and production deployments.
Add additional defense-in-depth controls such as Web Application Firewalls and intrusion detection systems.
Segregation of duties (SoD) mitigates the risk that a single individual can intentionally or accidentally perform and conceal unauthorized activities. By splitting code-merge (development) privileges from production-deployment (operations) privileges, the organization ensures that at least two people must collaborate before changes reach production. This joint control reduces the likelihood of fraud or error. Least privilege limits the scope of access but does not require multiple people; defense in depth layers controls but does not specifically address shared responsibility; and job rotation periodically changes assignments but still allows one person at a time to hold both capabilities.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is segregation of duties (SoD) in security?
Open an interactive chat with Bash
How does segregation of duties differ from least privilege?
Open an interactive chat with Bash
How can automation tools be designed to support segregation of duties?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Security Concepts and Practices
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .