Question: Fred is a new security officer who wants to implement a control for detecting and preventing users who attempt to exceed their authority by misusing the access rights that have been assigned to them. Which of the following best fits this need?
A. Management review
B. Two-factor identification and authentication
C. Capturing this data in audit logs
D. Implementation of a strong security policy

Download pdf (with explanations) edition of this exam.