Question Scenario:- In company A, there are 8 managers for 8 different departments, and every manager uses the same account to add payment entries of freelancers to be paid every weekend. The process is initiated by using a username which is “manager” and password which is “M1na6%r”. Once a manager is logged in, they are given a special set of permissions to modify the payment sheet. One day manager of cybersecurity added payment entries for 2 freelancers which were fake and no such work was ever done. The Design manager sees him doing so and report to senior management, but when CEO enquires about this, CyberSecurity Manager says these are not his freelancers and he never added these entries.
Question:- What mechanism can we use to find and prove that it was that cybersecurity manager and not the programming manager.
d). Give the threat to fire him for the job
Answer :- Majority of students will answer this question as Non-Repudiation or Authorization but actually the answer is Auditing because on one single fact that Those two concepts can only be implemented if Auditing is Implemented, it is Auditing due to which we will have Logs and we can have Audit Trial to check the Login IP Address.
You should understand that here the Many Security Principles are not being followed as everyone is using the same account, it will be very hard to prove this thing in the court of law that someone was guilty in the case.
Luckily if IP address is being logged, which every system normally do, then we can try to find the culprit