Regarding asset security and appropriate retention, which of the following INITIAL top three areas
are important to focus on?

Discretionary Access Control (DAC) is based on which of the following?

By carefully aligning the pins in the lock, which of the following defines the opening of a mechanical
lock without the proper key?

An organization has decided to contract with a cloud-based service provider to leverage their
identity as a service offering. They will use Open Authentication (OAuth) 2.0 to authenticate external
users to the organization’s services.
As part of the authentication process, which of the following must the end user provide?

An organization is found lacking the ability to properly establish performance indicators for its Web
hosting solution during an audit. What would be the MOST probable cause?

How does an organization verify that an information system’s current hardware and software match
the standard system configuration?

The goal of a Business Continuity Plan (BCP) training and awareness program is to

Which of the following disaster recovery test plans will be MOST effective while providing minimal
risk?

An organization has developed a major application that has undergone accreditation testing. After
receiving the results of the evaluation, what is the final step before the application can be
accredited?

What is one way to mitigate the risk of security flaws in custom software?