Mark is conducting an information audit for his organisation. Which one of the following elements that he discovered is least likely to be classified as PII when used in isolation?

When a user attempts to log into their online account, Google sends a text message with a code to their mobile phone. What type of verification is this?

Kathleen is implementing an access control system for her organisation and builds the following array:
Reviewers: update files, delete files
Submitters: upload files
Editors: upload files, update files
Archivists: delete files

What term is used to describe the default set of privileges assigned to a user when a new account is created?

Paul works for a data centre hosting facility that provides physical data center space for individuals and organisations. Until recently, each client was given a magnetic-strip-based keycard to access the section of the facility where their servers are located, and they were also given a key to access the cage or rack where their servers reside. In the past month, several servers have been stolen, but the logs for the pass cards show only valid IDs.

What is Kathleen’s best option to make sure that the users of the pass cards are who they are supposed to be?