
401 SEC+ Exam Guaranteed Pass: High-Quality Questions with Expert-Verified Answers and Detailed Explanations for Assured Success

Pages
21
Grade
A+
Uploaded on
25-12-2024
Written in
2024/2025


Institution
401 SEC+
Course
401 SEC+











Document information

Type
Exam (elaborations)
Contains
Questions & answers

Subjects

  • 401 sec exam

Content preview

401 SEC+ Exam Guaranteed Pass: High-Quality
Questions & Expert Answers Tailored for Top Grades
and Exam Success
After an audit, it was discovered that the security group memberships were not properly
adjusted for employees' accounts when they moved from one role to another. Which of the
following has the organization failed to properly implement? (Select TWO).

A. Mandatory access control enforcement.

B. User rights and permission reviews.

C. Technical controls over account management.

D. Account termination procedures.

E. Management controls over account management.

F. Incident management and response plan.

Answer: B, E



Explanation:

User rights and permission reviews determine whether all groups, users, and other
accounts have the appropriate privileges assigned according to corporate policy and
their job descriptions, which matters here because the employees moved to different roles.

Management controls over account management would have taken into account the different
roles that employees hold and adjusted the rights and permissions of those roles accordingly.



The security administrator is currently unaware of an incident that occurred a week ago.
Which of the following will ensure the administrator is notified in a timely manner in the
future?

A. User permissions reviews

B. Incident response team

C. Change management

D. Routine auditing

Answer: D

Explanation:

Routine audits are carried out after you have implemented security controls based on risk.
These audits include aspects such as user rights and permissions and specific events.



The system administrator has deployed updated security controls for the network to limit
risk of attack. The security manager is concerned that controls continue to function as
intended to maintain appropriate security posture.

Which of the following risk mitigation strategies is MOST important to the security
manager?

A. User permissions

B. Policy enforcement

C. Routine audits

D. Change management

Answer: C



Explanation:

After you have implemented security controls based on risk, you must perform routine
audits. These audits should include reviews of user rights and permissions as well as
specific events. You should pay particular attention to false positives and negatives.



Which of the following security account management techniques should a security analyst
implement to prevent staff who have switched company roles from exceeding privileges?

A. Internal account audits

B. Account disablement

C. Time of day restriction

D. Password complexity

Answer: A



Explanation:

Internal account auditing lets you move users to the accounts appropriate to their new
roles after a role change, and so verify that the principle of least privilege is
followed.



Encryption of data at rest is important for sensitive information because of which of the
following?

A. Facilitates tier 2 support, by preventing users from changing the OS

B. Renders the recovery of data harder in the event of user password loss

C. Allows the remote removal of data following eDiscovery requests

D. Prevents data from being accessed following theft of physical equipment

Answer: D



Explanation:

Encryption keeps stolen data unreadable to the intruders who took it, as long as they
do not have the proper passwords.



Which of the following is BEST carried out immediately after a security breach is
discovered?

A. Risk transference

B. Access control revalidation

C. Change management

D. Incident management

Answer: D



Explanation:

Incident management is the set of steps followed when a security incident occurs.



A security analyst informs the Chief Executive Officer (CEO) that a security breach has just
occurred. This results in the Risk Manager and Chief Information Officer (CIO) being caught
