CISM Certified Information Security Manager – Question1423

Which of the following activities performed by a database administrator (DBA) should be performed by a different person?

A.
Deleting database activity logs
B. Implementing database optimization tools
C. Monitoring database usage
D. Defining backup and recovery procedures

Correct Answer: A

Explanation:

Explanation: Since database activity logs record activities performed by the database administrator (DBA), deleting them should be performed by an individual other than the DBA. This is a compensating control to aid in ensuring an appropriate segregation of duties and is associated with the DBA’s role. A DBA should perform the other activities as part of the normal operations.