Don't forget your CPEs for Study Group attendance!
Make sure to self-submit your Study Group attendance for ISC2 CPEs!
CISSP passed
Hi Everyone, I’m proud to share that I have provisionally passed the CISSP CAT exam today! It will definitely test your fitness, but it is all worth it. Huge respect to everyone here. For those who are still traveling, keep going; it will be worthwhile, and you will reach the end. Here's my personal strategy for exam prep.

Note: This is still required reading: ISC2 CISSP Certified Information Systems Security Professional Official Study Guide & Practice Tests Bundle (Sybex Study Guide).

Wave 1—Setup
1. Join https://www.skool.com/cybersecurity-study-group (obviously, you're here already 🙂).
2. Subscribe to https://cissp.app/
3. Buy the book: https://leanpub.com/cissplastmile#about
4. Download and print out: https://destcert.com/cissp-mindmaps/

Wave 2—Study
1. Watch: https://www.youtube.com/watch?v=5BnhDVOnzmg
2. Watch: https://www.youtube.com/watch?v=gKe88tIeVYo
3. Watch in full: https://www.youtube.com/watch?v=aLIFzIBNM_8&list=PL7XJSuT7Dq_XPK_qmYMqfiBjbtHJRWigD
4. Watch in full: https://www.youtube.com/watch?v=hf5NwUSEkwA&list=PLZKdGEfEyJhLd-pJhAD7dNbJyUgpqI4pu
5. Go through the mind maps daily.
6. Read the book.
7. Use cissp.app and practice a minimum of 25 questions each day (three-month prep period).
   a. Check the gap analysis summary every 100 questions at the latest and go read up on your weak areas.

Wave 3—Last month
1. Watch https://www.youtube.com/watch?v=5BnhDVOnzmg
2. Watch https://www.youtube.com/watch?v=gKe88tIeVYo
CISSP Practice Question (Domain 5: Identity and Access Management)
A long-tenured engineer has accumulated access across six business units through internal transfers. A recent audit flagged the account as having excessive privileges, but managers insist the access is "needed for cross-functional projects." What should you do FIRST?
A. Disable unused entitlements based on the last 90 days of activity logs
B. Initiate a formal access recertification with each respective data owner
C. Implement a role-based access control model to replace direct grants
D. Escalate to HR to enforce a job description review
Come back for the answer tomorrow, or study more now!
CISSP Question - Domain 8
A software project team is strictly adhering to the Cleanroom Software Engineering methodology, emphasizing statistically certified reliability. They are in the final acceptance testing phase of the third product increment. The independent Certification Team has just revealed that, based on statistical usage testing, the calculated Mean Time To Failure (MTTF) for the current increment falls significantly below the minimum certified reliability target established in the contract specification. The implementation team is arguing they should be allowed to run full-coverage unit tests on suspect modules to quickly pinpoint the likely errors before the next build. The Verification Team leader insists on simply increasing the size and diversity of the random-usage test suite to gather more data. What is the most consistent and methodologically sound action you should take next?
A. Postpone the increment release, formally document the current achieved MTTF, and defer the required corrective action and refactoring to the next planned incremental build cycle to stabilize the current process.
B. Permit the implementation team to perform targeted unit testing on the suspect modules to quickly diagnose the root cause, provided all fixes and tests are fully documented and reviewed by the Verification Team before inclusion in the final build.
C. Immediately halt the implementation team's work, conduct a formal design and code walk-through by the independent Inspection Team, and utilize the formal specification to mathematically prove the correction before any code modification is committed.
D. Reject the unit testing proposal, require the Certification Team to focus their next testing cycle exclusively on high-risk, unverified use-case profiles to isolate the faults, and then apply minimal, verified changes.
CISSP Practice Question (Domain 2: Asset Security)
A business unit requests permanent retention of all customer transaction records "in case we ever need them." Legal has not issued a hold, and the current retention schedule requires deletion after seven years. As the data owner's advisor, what is the BEST response?
A. Honor the request since longer retention reduces legal discovery risk
B. Enforce the existing retention schedule and require a formal exception with risk acceptance
C. Migrate the records to cold storage to balance cost and accessibility
D. Defer to Legal before taking any action on the records
Come back for the answer tomorrow, or study more now!
CISSP Study Group
skool.com/cybersecurity-study-group