QUESTION 161
Which of the following scenarios best demonstrates a violation of security policies?
A. A user syncs files from a USB drive to a corporate cloud storage folder.
B. A user inserts an unmarked USB drive they found outside into a company device.
C. A user accesses a USB drive on a secure, air-gapped lab machine.
D. A user stores local backups on a password-protected USB drive.
Correct Answer: B
QUESTION 162
Which of the following best describes the main difference between an MOU and an SOW?
A. An MOU is usually not legally binding, while an sow is usually legally binding about outcomes.
B. An MOU identifies engagement details, while an sow specifies who will engage.
C. An MOU requires signatures from both parties, while an Sow only requires a signature from the service provider.
D. An MOU is typically very detailed about tasks, while an SOW is typically high-level.
Correct Answer: A
QUESTION 163
Which of the following is a key reason to follow data retention policies during asset decommissioning?
A. To ensure data is securely destroyed when no longer needed
B. To make backup copies of all company data before disposing of hardware
C. To allow employees to access old files even after the hardware is recycled
D. To keep all customer data available in case it is required in the future
Correct Answer: A
QUESTION 164
Which of the following best describes the practice of preserving and documenting the handling of forensic evidence?
A. Acquisition of evidence
B. E-discovery
C. Chain of custody
D. Forensic tabletop exercises
Correct Answer: C
QUESTION 165
Which of the following is an example of a deterrent security control?
A. Perimeter fencing
B. NFC badging
C. System patching
D. Log monitoring
Correct Answer: A
QUESTION 166
A security analyst determines that a security breach will have a financial impact of $15,000 and is expected to occur twice within a three-year period. Which of the following is the ALE for this risk?
A. $7,500
B. $10,000
C. $15,000
D. $30,000
Correct Answer: B
QUESTION 167
Which of the following describes how often backups should occur in a COOP plan?
A. Backups should occur nightly to ensure the data from the entire day is protected.
B. Backups should occur based on the business’s recovery point objective.
C. Backups should occur when more than 5% of data has changed since the last backup.
D. Incremental backups should occur daily, while full backups should occur at least once per week.
Correct Answer: B
QUESTION 168
An organization experiences a compromise in a cloud-hosted solution that contains customer information. which of the following strategies will help determine the sensitivity level of the breach?
A. Permission restrictions
B. Tabletop exercise
C. Data classification
D. Asset inventory
Correct Answer: C
QUESTION 169
Which of the following should a technician do with the hardware of end-of-life servers that are replaced in an environment?
A. Use the servers to run less critical applications.
B. Perform network segmentation.
C. Complete the decommissioning process.
D. Harden the server settings to extend the hardware life cycle.
Correct Answer: C
QUESTION 170
An attacker pretending to be from the help desk calls a user. The attacker asks the user to verify a password in order to fix a technical issue. Which of the following security awareness topics does this scenario best describe?
A. Brand impersonation
B. Operational security
C. Social engineering
D. Insider threat
Correct Answer: C
QUESTION 171
Which of the following risk management strategies is being used when a Chief Information Security Officer ignores known vulnerabilities identified during a risk assessment?
A. Transfer
B. Avoid
C. Mitigate
D. Accept
Correct Answer: D
QUESTION 172
A security analyst collects IoCs from a cybersecurity bulletin. Which of the following should the analyst do next to assess if an environment is compromised?
A. Root cause analysis
B. Threat hunting
C. Tabletop exercise
D. Penetration test
Correct Answer: B
QUESTION 173
A company suffered a critical incident where 30GB of data was exfiltrated from the corporate network Which of the following actions is the most efficient way to identify where the system data was exfiltrated from and what location the attacker sent the data to?
A. Analyze firewall and network logs for large amounts of outbound traffic to external IP addresses or domains.
B. Analyze IPS and IDS logs to find the IP addresses used by the attacker for reconnaissance scans.
C. Analyze endpoint and application logs to see whether file-sharing programs were running on the company systems.
D. Analyze external vulnerability scans and automated reports to identify the systems the attacker could have exploited a remote code vulnerability.
Correct Answer: A
QUESTION 174
Which of the following should be used to ensure that a new software release has not been modified before reaching the user?
A. Tokenization
B. Encryption
C. Hashing
D. Obfuscation
Correct Answer: C
QUESTION 175
An attacker uses XSS to compromise a web server. Which of the following solutions could have been used to prevent this attack?
A. NGFW
B. UTM
C. WAF
D. NAC
Correct Answer: C
QUESTION 176
Which of the following vulnerability types exploits missing safeguards when processing multiple, duplicate, and concurrent requests?
A. Sideloading
B. VM escape
C. Race condition
D. SQL injection
Correct Answer: C
QUESTION 177
Which of the following system controls best characterizes security cameras?
A. Corrective
B. Deterrent
C. Compensating
D. Preventive
Correct Answer: B
QUESTION 178
Which of the following best describes a challenge related to data sovereignty?
A. Ensuring data backups are stored on encrypted local drives
B. Preventing accidental deletion of data by authorized users
C. Complying with legal restrictions on where data is stored and processed
D. Managing latency in global content delivery networks
Correct Answer: C
QUESTION 179
Which of the following security threats aims to compromise a website that multiple employees frequently visit?
A. Supply chain
B. Typosquatting
C. Watering hole
D. Impersonation
Correct Answer: C
QUESTION 180
A company processes personal data from customers in multiple countries. Which of the following actions is most critical for maintaining legal compliance with global privacy regulations?
A. Storing all customer data on encrypted local servers
B. Hiring a data privacy officer to review contracts
C. Ensuring DPAs are in place with third-party vendors
D. Using strong passwords and firewalls on all endpoints
Correct Answer: C
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.