PrepAway - Latest Free Exam Questions & Answers

Which of the following has the organization failed to properly implement?

After an audit, it was discovered that the security group memberships were not properly adjusted for
employees’ accounts when they moved from one role to another. Which of the following has the
organization failed to properly implement? (Select TWO).

A. Mandatory access control enforcement.

B. User rights and permission reviews.

C. Technical controls over account management.

D. Account termination procedures.

E. Management controls over account management.

F. Incident management and response plan.

Explanation:
Reviewing user rights and permissions can be used to determine that all groups, users, and other
accounts have the appropriate privileges assigned according to the policies of the corporation and their
job descriptions, since they were all moved to different roles.
Control over account management would have taken into account the different roles that employees
have and adjusted the rights and permissions of these roles accordingly.
Incorrect Answers:
A: Mandatory access control enforcement just means that all access would be pre-defined. Thus it will not
take into account the different roles now occupied by different employees.
C: Technical controls include things such as firewalls, IDS, IPS, etc., and as such are preventative, detective
and even compensating controls, not administrative controls.
D: Account termination procedures are carried out in the event of employees leaving the company and
not when they are being moved within the company.
F: Incident management refers to the steps followed when events occur (making sure controls are in
place to prevent unauthorized access to, and changes of, all IT assets), and the Incident Response Plan
outlines what steps are needed and who is responsible for deciding how to handle a situation. In this case
an audit was conducted.

Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 10, 26-27

