158 Chapter 7 ■ Security Operations (Domain 7)
- Helen is implementing a new security mechanism for granting employees administrative
privileges in the accounting system. She designs the process so that both the employee’s
manager and the accounting manager must approve the request before the access is
granted. What information security principle is Helen enforcing?
A. Least privilege
B. Two-person control
C. Job rotation
D. Separation of duties - Which one of the following is not a requirement for evidence to be admissible in court?
A. The evidence must be relevant.
B. The evidence must be material.
C. The evidence must be tangible.
D. The evidence must be competent. - In which cloud computing model does a customer share computing infrastructure with
other customers of the cloud vendor where one customer may not know the other’s
identity?
A. Public cloud
B. Private cloud
C. Community cloud
D. Shared cloud - Which of the following organizations would be likely to have a representative on a CSIRT?
I. Information security
II. Legal counsel
III. Senior management
IV. Engineering
A. I, III, and IV
B. I, II, and III
C. I, II, and IV
D. All of the above - Sam is responsible for backing up his company’s primary file server. He configured a
backup schedule that performs full backups every Monday evening at 9 p.m. and differ-
ential backups on other days of the week at that same time. Files change according to the
information shown in the following figure. How many files will be copied in Wednesday’s
backup?
A. 2
B. 3
C. 5
D. 6