When implementing a new system, a systems administrator works with the information system owner to identify and document the responsibilities of various
positions within teh organization. Once responsibilities are identified, groups are created within the system to accommodate the various responsibilities of each
position type, with users being placed in these groups. Which of the following principles of authorization is being developed?

A software development manager needs to create several different environments for application development, testing, and quality control. Controls are being put in
place to manage how software is moved into the production environment. Which of the following should the software development manager request be put in place
to implement the three new environments?

A company is hosting both sensitive and public information at a cloud provider. Prior to the company going out of business, the administrator will decommission all
virtual servers hosted in the cloud. When wiping the virtual hard drive, which of the following should be removed?

Members of the accounting group save all of their work in a directory on a Linux server. The directory has the default permissions of rwxrwxr-x. The accounting
users suspect that a user in the Human Resources group is aware of the existence of a confidential file. What is the reason for the accounting users suspicions?

A penetration tester is attempting to determine the operating system of a remote host. Which of the following will provide this information?

A forensics investigator needs to be able to prove that digital evidence was not tampered with after being taken into custody. Which of teh following is useful in this
scenario?

Attackers use techniques when sending tailored emails to engage their targets and make them feel personally involved. Which of the following social engineering
techniques BEST describes this type of attack?

A company is providing mobile devices to all its employees. The system administrator has been tasked with providing input for the company’s new mobile device
policy. Which of the following are valid security concepts that the system administrator should include when offering feedback to management? (Select TWO)

An organization that uses a cloud infrastructure to present a payment portal is using:

A network administrator is in the process of developing a new network security infrastructure. One of the requirements for the new system is the ability to perform
advanced authentication, authorization, and accounting. Which of the following technologies BEST meets the stated requirement?