(ISC)2 Certified in Cybersecurity Practice Exam

What term describes the requirement for two people to jointly approve sensitive actions?

• A. Two Person Integrity
• B. Two Person Control
• C. Joint Integrity
• D. Collaborative Approval

The correct answer is: Two Person Control

The term that describes the requirement for two people to jointly approve sensitive actions is Two Person Control. This concept is essential in cybersecurity and operational contexts to mitigate the risk of fraud or errors that can occur if a single individual has unchecked authority over critical functions or sensitive information. Implementing Two Person Control ensures that no one individual can make unilateral decisions that could compromise security, leading to a more reliable and accountable system. This practice aligns with the principle of separation of duties, which is designed to prevent any single individual from having the ability to carry out all phases of a transaction or action independently. While the other options may sound relevant, they don't precisely capture the established terminology used in cybersecurity fields. For instance, Two Person Integrity is related but more about ensuring integrity through dual verification rather than the broader concept of control over actions. Joint Integrity and Collaborative Approval might suggest cooperation or teamwork but do not specifically denote the controls put in place for sensitive actions that require dual authorization. Thus, Two Person Control is the correct answer because it most accurately encapsulates the concept of requiring two individuals to jointly approve sensitive actions.