Requiring technicians to report spyware infections is a step in which of the following?

Which of the following is the BEST approach to perform risk mitigation of user access control rights?

An internal auditor is concerned with privilege creep that is associated with transfers inside the company.
Which mitigation measure would detect and correct this?

A security administrator is responsible for performing periodic reviews of user permission settings due to
high turnover and internal transfers at a corporation. Which of the following BEST describes the
procedure and security rationale for performing such reviews?

Various network outages have occurred recently due to unapproved changes to network and security
devices. All changes were made using various system credentials. The security analyst has been tasked to
update the security policy. Which of the following risk mitigation strategies would also need to be
implemented to reduce the number of network outages due to unauthorized changes?

After an audit, it was discovered that the security group memberships were not properly adjusted for
employees’ accounts when they moved from one role to another. Which of the following has the
organization failed to properly implement? (Select TWO).

The security administrator is currently unaware of an incident that occurred a week ago. Which of the
following will ensure the administrator is notified in a timely manner in the future?

The system administrator has deployed updated security controls for the network to limit risk of attack.
The security manager is concerned that controls continue to function as intended to maintain appropriate
security posture.
Which of the following risk mitigation strategies is MOST important to the security manager?

Which of the following security account management techniques should a security analyst implement to
prevent staff, who has switched company roles, from exceeding privileges?

Encryption of data at rest is important for sensitive information because of which of the following?