Does anyone know the answer to the following question:
A security architect is supporting a project team responsible for a new extranet application. As part of its activities, the team is identifying roles within the system and documenting possible conflicts between roles that could lead to collusion between users. Which of the following principles of risk mitigation is the team implementing?
- Dual control
- Least privilege
- Separation of duties
- Job rotation