1. A company has guards at the gate, guards at the entrance to its main building, and an access control vestibule inside the building. Access to the office where the company’s data resides is controlled through two additional doors that use RFID (radio frequency identification) locks. Which controls are being adopted by the company? (Select TWO.)
Preventive
Deterrent
Corrective
Physical
2. One of the file servers of an organization has suffered an attack. The organization’s IT administrator is searching the log files to understand what happened. What type of control are they implementing when carrying out the investigation?
Operational
Technical
Detective
Physical
3. During a monthly team meeting, an IT manager tasks both the mail administrator and the network administrator with creating a standard operating procedure. What type of control describes the mail administrator and network administrator’s task?
Directive
Managerial
Operational
Technical
4. Which control type focuses on eliminating or minimizing potential threats before they can cause harm?
Preventive
Compensating
Deterrent
Corrective
5. An organization has been sent information by Microsoft that a critical update for Windows 11 has just been released. The organization’s cybersecurity team immediately applies this latest update to all of its Windows 11 computers. What type of control have they carried out?
Preventive
Compensating
Deterrent
Corrective
6. An organization suffered a ransomware attack, where one of the technical controls was compromised. What type of control should a company implement to prevent a reoccurrence?
Preventive
Compensating
Detective
Corrective
7. Which of the following physical controls would deter someone from entering a quarry? (Select TWO.)
Bollards
Guards
Barrier
Signs
Lights
8. Following a third-party compliance audit, a company has been recommended that additional instructions need to be included in the current compliance policies. What type of control BEST describes the recommended action?
Operational
Directive
Deterrent
Corrective
9. A cybersecurity administrator has decided to use homomorphic encryption to protect data so that they can read the data without needing to decrypt it. What type of control BEST describes the action carried out by the cybersecurity administrator?
Managerial
Technical
Operational
Physical
10. Within the spectrum of control categories, which one is tasked with establishing protocols and guidelines to enhance the effectiveness of organizational oversight?
Technical
Managerial
Operational
Physical
1. An IT administrator has been tasked by the CEO to investigate the latest attack methods being used by a bad actor. Which of the following would be the BEST resource to use?
MITRE ATT&CK
A honeyfile
A honeypot
A CVE list
2. What type of system is able to track users’ access if the authentication method uses 802.1x?
Federation Services
Kerberos
OAuth
RADIUS
3. Which of the following can be used to provide non-repudiation?
Asymmetric encryption
Symmetric encryption
A public key
A SAML token
4. An international bank encountered an insider attack where they suffered the theft of $100,000. The security team has been tasked to find the culprit. Which of the following is the BEST source of information for the security team to use?
The system log
The application log
An audit trail
The DNS log
5. Which of the given security tools fulfills the following?
• Presents itself as a prized target
• Uses dummy data
• Helps track attackers
Honeypot
A honeyfile
A honeytoken
PAM
6. In organizational jargon, what process describes scrutinizing the delta between existing resources and future aspirations, aiming to fortify strategic decision-making?
A SWOT analysis
The capability maturity model
Business process reengineering
Gap analysis
7. Which of the following uses a private key to provide proof that an email has not been altered in transit and has come from the person who originally sent it?
A digital signature
Encryption
Hashing
Domain-based message authentication, reporting, and conformance
8. Which intricate concept involves a dynamic orchestration of access controls, continuously tailoring user permissions based on evolving risk profiles and behavioral analytics?
A behavioral authentication framework
Dynamic credential ciphering
Adaptive identity management
A cyber resilience protocol
9. Which type of sensors can detect changes in frequency?
Microwave sensors
Pressure sensors
Infrared sensors
Ultrasonic sensors
10. Which of the following log files ensures that someone is responsible for another person?
An IDS log
A security log
An event log
A visitors log
1. What component of change management is essential for ensuring that security operations are not adversely affected by new implementations? Select the BEST option.
Ownership
Test results
An approval process
A backout plan
2. Which of the following is the BEST solution for a cybersecurity team to implement to prevent employees from installing video games on a company’s systems?
Sandbox
An application allow list
A block list
Least privilege
3. When ensuring the accuracy of system representations, what practice is reflective of the actual network infrastructure?
Regression testing
Updating diagrams
Data masking
Version control
4. What component of change management outlines the specific steps to be taken if a change implementation encounters unexpected issues or failures?
A snapshot
A backout plan
A maintenance window
Test results
5. When creating new software, what is the interconnection of services and system drivers known as? Select the most appropriate answer.
Errors in software code
Incompatibilities
Dependencies
Interoperability
6. In IT operations, what is the primary reason for scheduling a maintenance window for system updates or changes?
To maximize resource utilization
To reduce the need for regular system backups
To bypass the need for change management procedures
To ensure updates are implemented without disrupting users
7. Which action involves closing and then reopening an application to address issues, refresh resources, or implement changes?
An application refresh
An application restart
An application reload
An application reset
8. When creating new software, what is the main purpose of reviewing and analyzing test results before deploying changes to a production environment?
To validate user documentation
To analyze system dependencies
To confirm that a team adheres to coding standards
To identify and address potential issues or defects
9. What vital process in change management assesses the potential consequences of alterations for various aspects, such as systems, processes, and resources?
Impact analysis
A backout plan
A standard operating procedure
A maintenance window
10. In a complex enterprise environment, what strategic considerations should be weighed before executing a service restart, ensuring optimal system availability while minimizing potential security vulnerabilities? Select the BEST choice.
The temperature of the data center
The number of active user sessions
The chronological order of code deployment
The potential impact on interconnected services
1. What is the primary purpose of a private key in a Public Key Infrastructure (PKI)?
The encryption of sensitive data
Storing cryptographic keys
Encrypting messages for secure transmission
Decryption and digital signatures
2. Which type of encryption employs a single key to encrypt substantial volumes of data, utilizing a block cipher technique?
Hashing
Asymmetric encryption
Symmetric encryption
A key exchange
3. What technique involves transforming sensitive data, such as credit card numbers, into unique tokens that retain no intrinsic value and are used for secure transactions?
Obfuscation
Salting
Tokenization
Steganography
4. Which cryptographic method involves utilizing intricate mathematical operations to guarantee the irreversible transformation of data during encryption?
A. Transport/communication encryption
B. Asymmetric encryption
C. A key exchange
D. Algorithm encryption
5. What term is used to describe the catalogs that contain invalidated digital certificates and ensure the security of online communication?
Self-signed
Certificate signing request (CSR) generation
Certificate authorities
Certificate revocation lists (CRLs)/the Online Certificate Status Protocol (OCSP)
6. What do you need to securely store cryptographic keys and perform cryptographic operations within a computer system and which encryption level involves the conversion of entire disks into encrypted formats? (Choose TWO.)
A Trusted Platform Module (TPM) chip
A Hardware Security Module (HSM)
Encryption key management software
Password-based encryption
Full-Disk Encryption (FDE)
7. What does a key exchange involve in cryptography?
Encrypting large amounts of data using a single key
Securely transmitting cryptographic keys
Ensuring encryption irreversibility
Utilizing private and public keys for decryption
8. What type of digital certificate is self-generated, lacks third-party validation, and is typically used for multiple internal servers to save costs?
A wildcard
Certificate authorities
Certificate signing request (CSR) generation
Self-signed
9. What technology serves as a decentralized digital ledger, ensuring secure and tamper-resistant record-keeping of transactions?
Encryption
Digital signatures
Blockchain
Proof of work
10. Which of the following techniques involves the strategic act of deliberately obscuring code to create an intricate puzzle, making the understanding of the code challenging?
Obfuscation
Tokenization
Steganography
Data masking
1. You receive an email claiming to be from the IRS (Internal Revenue Service) informing you of a tax refund. The email contains a link to a website where you can claim the refund by providing your personal and financial information. You provide this information, but an hour later your bank account has been emptied. What type of attack is this most likely to be?
A. Spear phishing
B. Phishing
C. Smishing
D. Vishing
2. You are working for a government agency and have been tasked with sending data to a field operative. You decide to hide a secret message inside a pretty picture that you attach to a digitally signed email. What is the technique adopted by you called?
A. Steganography
B. Malware injection
C. Phishing
D. Data masking
3. A CEO's phone was hacked while they were on holiday. Which of the following is the MOST LIKELY Bluetooth attack vector that could have been used to gain access?
A. Installing a firewall on a Bluetooth-enabled device
B. Connecting to a trusted Bluetooth speaker
C. Pairing with a public Bluetooth headset
D. Updating the device's Bluetooth driver
4. What distinguishes spear phishing from regular phishing?
A. Spear phishing uses phone calls, while regular phishing uses email
B. Spear phishing targets high-profile individuals, while regular phishing targets a broader audience
C. Spear phishing relies on fake websites, while regular phishing uses malicious attachments
D. Spear phishing only targets large corporations, while regular phishing targets individuals
5. You come across a website offering free software downloads and download a program from it. Later, you realize that your computer is behaving strangely, and you suspect a malware infection. What kind of threat might you have encountered?
A. A Trojan disguised as the downloaded software
B. Adware
C. A phishing attack aimed at stealing your personal information
D. Ransomware that encrypts your files and demands payment
6. Recently, your company suffered data theft from company-owned mobile telephones. You are a cybersecurity administrator and have been tasked with protecting the data stored on company mobile phones. Which of the following can be used to protect data stored on mobile telephones? Select the BEST TWO.
VPN software
Strong passwords
Remote wipe
Screen locks
Cable locks
7. In the last month, there has been a rise in the number of watering hole attacks. Which of the following BEST describes the goals of a watering hole attack?
A. Installing ransomware on the target's computer
B. Gaining unauthorized access to a specific user's email account
C. Compromising a frequently visited website to infect its visitors with malware
D. Tricking users into sharing sensitive information through deceptive emails
8. Which of the following is a distinguishing feature of a business email compromise (BEC) attack?
A. It involves targeting individuals through text messages
B. The attacker poses as a legitimate brand or organization
C. It relies on compromising frequently visited websites
D. It involves infecting the target's computer with malware
9. A company executive was researching cloud computing. The executive typed www.microsooft.com into their web browser to get to the Microsoft home page but was redirected to a website with a slightly different home page than expected. What type of attack is this?
Brand impersonation
Typosquatting
Watering hole attack
Whaling
10. Which of the following scenarios best describes the concept of disinformation?
Emily shares an article from a reputable news source about climate change
Liam fact-checks information before including it in his research paper
Alex creates a social media account to impersonate a celebrity
Maya engages in a constructive discussion with her colleagues about office policies
1. A user has reported to the security team that they left their laptop logged in and unattended. This laptop has a certificate that they use to access the payroll application. What should the security administrator do first?
Revoke the certificate for the payroll application
Get the user to make a statement
Add the certificate to the CRL
Report the user to their line manager
2. After some routine checks of a company's virtual network, three rogue virtual machines were found connected to the network. These machines were overutilizing resources. What should be done to prevent this from happening again? (Select TWO.)
Implement manual procedures for VM provisioning, utilization, and decommissioning, focusing on careful oversight and deliberate decision-making
Craft explicit guidelines for the provisioning, utilization, and eventual decommissioning of Virtual Machines (VMs)
Employ automated solutions to instantiate virtual machines (VMs) by leveraging predefined templates and established configurations
Avoid using predefined templates and automated tools to adapt swiftly to dynamic workload requirements
3. The CEO of a company is going on a trip and taking their company mobile phone with them. They will be listening to music on this phone using earbuds. What security practice should you advise them to follow after each session of the mentioned phone usage? (Select the MOST secure option.)
Turn off the phone's Bluetooth
Turn off the phone's Wi-Fi
Clean the earbuds
Change the Bluetooth username and password
4. A company is going to use a third-party service to develop a new human resources application that will hold sensitive information. Which of the following is the GREATEST risk that they will encounter?
Outsourcing of some of the code development to their supply chain
Weak configurations
Default settings being used on the application
Integration with current applications
5. A company recently encountered security breaches resulting in the unauthorized acquisition of sensitive data. What proactive measure can the security team adopt to effectively minimize the potential for such data breaches in the future?
Use default settings
Implement host-based firewalls
Limit the use of admin accounts
Implement Data Loss Prevention (DLP)
6. In a security incident, a user's password was compromised through a relentless and automated attack on their account. What proactive measure can organizations adopt to counteract this kind of threat and enhance authentication security?
Deployment of Multi-Factor Authentication (MFA)
Periodic password rotation for all user accounts
Implementation of robust intrusion detection systems
Captcha integration for stronger bot detection
7. A USB drive is discovered on the reception floor of an office. What distinct cybersecurity threat will it pose if plugged into a computer?
A. Unauthorized cloud storage access
B. Potential device overheating
C. A malicious USB attack
D. Incompatibility with software
8. What are the unique risks associated with purchasing software from a market stall? (Select TWO.)
A. No proof of purchase
B. Uncertain origin and authenticity
C. Inadequate customization features
D. Poor physical packaging and manuals
9. What is a "VM escape" in the context of virtualization and cybersecurity, and why is it significant in virtualized environments?
A. A method to enhance virtual machine (VM) performance by optimizing resource allocation
B. A process of securely transferring VMs between different host servers
C. A breach where an attacker gains unauthorized access to the host system from within a virtual machine
D. A technique to create virtual machine templates for rapid deployment of applications
10. When incorporating a third-party library to aid in code development, what potential security risk should developers be particularly cautious of, and why is awareness crucial in mitigating this risk?
Code complexity, leading to performance degradation
Incompatibility with existing software systems
Exposure to vulnerabilities within the library code
Dependency on external developers for maintenance
1. On Monday morning at 9 am, the files of a company's Chief Financial Officer (CFO) are deleted without any warning. The IT Support team restored the data, but on the following Monday morning at 9 am, the files were again deleted. Which of the following BEST describes this type of attack?
A. A logic bomb
B. A buffer overflow
C. A Trojan
D. A rootkit
2. You are the lead cybersecurity analyst at a large financial institution. Lately, your organization has been facing a series of security incidents. In one incident, sensitive customer data was stolen, leading to a data breach. In another, an employee's computer was compromised, and suspicious activity was detected on the network. After a thorough investigation, you discover that, in both incidents, the attackers used malware that disguised itself as a legitimate program and allowed unauthorized access to the affected systems. What type of cyberattack best describes the scenario?
A DDoS attack
A logic bomb
Trojan
A phishing attack
3. Your organization's network security team has detected a series of incidents where user accounts were repeatedly locked out. These incidents have caused disruptions in employee productivity and raised concerns about potential security threats. What type of cyberattack is most likely responsible for the repeated account lockouts described in the scenario?
A logic bomb
A brute-force attack
A Trojan
A DDoS attack
4. You recently discovered that your online bank account was compromised and unauthorized transactions were made. After investigating, you found that someone had recorded your bank account password without your knowledge. What is the term for the type of malware that may have been used to record your password?
Hardware encryption
A web development language
A keylogger
An APT
5. In a cybersecurity investigation, you discover that attackers gained unauthorized access to multiple user accounts on a popular social media platform. The attackers then used the stolen credentials to gain access to a company network. Which of the following attacks was carried out?
SQL injection
Phishing
Credential stuffing
Credential harvesting
6. A popular online retail website recently experienced severe disruptions in its services, rendering the site inaccessible to users during peak shopping hours. After investigation, it was determined that the site was flooded with a massive volume of illegitimate traffic, overwhelming its servers. What type of cyberattack is most likely responsible for these disruptions?
A Man-in-the-Middle (MitM) attack
A ransomware attack
A DDoS attack
A DoS attack
7. You are an IT administrator responsible for the security and maintenance of a web array for a large organization. You discover that an attacker can access files outside the web root directory by manipulating input parameters. This could potentially lead to unauthorized access to sensitive files on the server. What type of vulnerability is this scenario describing?
A. A Cross-Site Scripting (XSS) vulnerability
B. A directory traversal vulnerability
C. A SQL injection vulnerability
D. Cross-Site Request Forgery (CSRF)
8. What type of attack occurs when two different inputs produce the same hash output in systems that rely on unique hash values? Select the BEST answer.
A buffer overflow attack
A pass-the-hash attack
A resource exhaustion attack
A collision attack
9. In a network security audit, you discover that an attacker successfully intercepted an encrypted communication between a client and a server, downgrading the secure connection to an unencrypted one. As a result, the attacker could eavesdrop on sensitive data. Which of the following is the BEST description of this type of cyberattack?
A TLS/SSL downgrade attack
A buffer overflow attack
An SSL stripping attack
A CSRF attack
10. In a security assessment, you noticed a pattern of login attempts where an attacker systematically tried common passwords across multiple user accounts, with long intervals between attempts to evade detection. What type of cyberattack is this scenario describing?
A brute-force attack
A credential stuffing attack
A password spraying attack
An XSS attack
1. In a large enterprise network, the human resources department and the IT department each require isolation from the rest of the company's network. Which of the following is the MOST appropriate security technique to achieve this isolation while still allowing these departments to communicate internally?
A. Creating a VLAN for each department
B. Physical segmentation
C. An ACL
D. A NAT
2. In an enterprise environment, a user wants to install a game on their workstation, which is against company policy. What is the most effective mitigation technique to prevent the user from installing the game?
A. Implementing strong firewall rules to block gaming websites
B. Using intrusion detection systems to monitor the workstation
C. Creating an application allow list
D. Increasing user privileges to allow game installations
3. You are the cybersecurity administrator for a multinational corporation where one of your enterprise's domain controllers has been infected with a virus. What is the first step you should take to mitigate the situation and prevent the further spread of the virus?
Shut down the domain controller immediately
Disconnect the domain controller from the network
Run a full antivirus scan on all computers in the network
Increase firewall rules for the domain controller
4. You are the network administrator for an organization whose critical systems have been compromised by a zero-day vulnerability. The attack has already caused significant damage, and the security team needs to respond promptly. Which of the following patch management strategies should the organization prioritize to mitigate further damage and prevent future attacks?
Isolate the compromised systems from the network to prevent further spread of the attack until a patch has been developed
Apply the latest patches immediately to all systems, regardless of their criticality
Roll back all affected systems to their previous state before the attack occurred, restoring them to a known secure configuration
Implement additional network monitoring and intrusion detection systems to monitor for any further malicious activity
5. Following an audit by a third-party auditor, an enterprise decides to implement additional mitigation techniques to secure its digital infrastructure. What is the primary purpose of this approach? (Select the BEST solution.)
To provide real-time protection against physical cyber threats
To eliminate all potential vulnerabilities within the network
To maximize the organization's network speed and performance
To reduce the risk and impact of security incidents
6. What are the two roles of a SOAR system in cybersecurity? (Select TWO.)
To provide real-time protection against cyber threats
To eliminate all potential vulnerabilities within a network
To automate and streamline incident response processes
To release IT staff to deal with more important tasks
7. Which of the following statements best describes the role of mitigation techniques in the context of enterprise security?
Mitigation techniques are only relevant after a security breach has occurred
Mitigation techniques are designed to identify and classify all vulnerabilities in a network
Mitigation techniques aim to reduce the likelihood and impact of security incidents
Mitigation techniques focus solely on data backup and recovery strategies
8. In an enterprise security setup, which technology is primarily responsible for collecting, analyzing, and correlating logs from multiple sources, helping to detect and respond to security incidents in real time?
A vulnerability scanner
EDR
SIEM
SOAR
9. Which of the following cybersecurity solutions is primarily responsible for scanning the enterprise network for missing patches and software flaws? (Select the BEST TWO.)
A credentialed vulnerability scan
EDR
SIEM
SOAR
Nessus
10. Following a malware attack on an AutoCAD machine, which of the following cybersecurity solutions should a company utilize to detect similar threats early and prevent them from recurring in the future?
EDR
SIEM
SOAR
A credentialed vulnerability scanner
1. You are a system administrator, and you wish to deploy the cloud service that would give you most control. Which of the following cloud services should you deploy?
Software as a Service (SaaS)
Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
Security as a Service (SECaaS)
2. What is the easiest way for a cloud administrator to deploy resources?
Software as a Service (SaaS)
Internet of Things (IoT)
Security as a Service (SECaaS)
Infrastructure as Code (IAC)
3. A network engineer is going to deploy an air-gapped network for a research and development network. What tool will they use to upload and download data from the research and development computers?
Bluetooth
USB
SSH
Cellular
4. You are a systems administrator planning to host applications with a cloud service provider. You have been informed that budget is limited. Which of the following is the most cost-effective solution for hosting the applications?
A. Software as a Service (SaaS)
B. Infrastructure as Code (IAC)
C. Containers
D. Serverless Environment
5. A developer has been set a task to host applications in the cloud based on the following criteria:
• Applications should be easily deployed across different architectures
• Applications are not dependent on any operating system
• The architecture allows isolation of the applications
Which of the following solutions will they deploy to meet these criteria?
Containers
Virtual Desktop Infrastructure (VDI)
Platform as a Service (PaaS)
Microservices
6. Which of the following cloud services gives you more control of your environment?
Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Software as a Service (SaaS)
Security as a Service (SECaaS)
7. A company has an array of identical web servers and attracts a high volume of web traffic. Which of the following devices will help fulfill the requests of the web clients?
Web Application Firewall (WAF)
Secure Web Gateway (SWG)
Load Balancer
Cloud Access Security Broker (CASB)
8. Over the previous two winters, a company in Scotland has suffered from severe flooding due to weather events, impacting the company's servers. This prevented the company from being fully operational. Which of the following should the company consider implementing to mitigate these issues?
A. Clustering servers
B. Geographic dispersion
C. Load balancers
D. Off-site backups
9. Which of the following refers to the process of dividing a larger network into smaller pieces at Layer 3?
A. VLAN
B. Subnetting
C. Segmentation
D. NIPS
10. A global automotive company headquartered in New York encourages decision-making at local levels and grants regional divisions and subsidiaries autonomy in designing and producing vehicles suited for their respective markets. Which of the following best describes this business model?
Centralized Business Model
Decentralized Business Model
Hybrid Business Model
Franchising Business Model
1. You are the network administrator for a multinational corporation with a large, complex network environment in which security considerations are paramount. The IT manager has asked you to explain to the board of directors why you have recommended that they include a stateful firewall in next year's budget to enhance your cybersecurity posture. Which of the following is the BEST description of why the organization should purchase a stateful firewall?
To filter packets based solely on IP addresses and port numbers
To analyze network traffic patterns and detect anomalies in real time
To improve network performance by caching frequently accessed data
To create a secure tunnel for remote access between two network segments
2. A multinational corporation is planning to implement a new network security strategy to protect its sensitive data. They have several remote offices worldwide, and their employees frequently travel and work remotely. The company is concerned about potential security threats and data breaches and wants to enhance security while still ensuring seamless connectivity. Which of the following network security measures would be most suitable for their needs?
Implementing a site-to-site VPN to secure communication between office locations
Enforcing 802.1X authentication for wireless and wired network access
Using DNS Round Robin for load balancing across their web servers
Deploying a Web Application Firewall (WAF) to protect against online threats
3. A cybersecurity firm needs a solution for the secure management and monitoring of its clients' sensitive systems that will minimize the exposure of client networks to potential threats. What network security approach should they adopt? Select the BEST option:
Implementing a reverse proxy server for client connections
Deploying a jump server within the location of the sensitive data
Using IPsec transport mode for data encryption
Enforcing 802.1X authentication for client access
4. A large financial institution is concerned about protecting customer data from potential breaches. They want a real-time solution that can actively inspect and block network threats. Which of the following network security devices or technologies should they consider?
A jump server for secure remote access
A load balancer to distribute website traffic
An inline Intrusion Prevention System (IPS)
Layer 7 firewall rules for web application security
5. A multinational corporation wants to enhance security and privacy for its employees' internet usage. They also aim to optimize bandwidth utilization. Where should they place proxy servers to achieve these goals?
Inside the Local Area Network (LAN) near employee workstations
In front of the web server hosting the company's public website
At the edge of the screened subnet between the internet and internal network
Between the firewall and external network routers
6. A medium-sized manufacturing company wants to restrict access to its sensitive production network. They need a solution to filter incoming and outgoing traffic based on specific rules. What network device or technology is the BEST choice for this?
A. A Unified Threat Management (UTM) firewall
B. IPsec transport mode for data encryption
C. Access Control Lists (ACLs) for traffic filtering
D. A load balancer for distributing network traffic
7. A healthcare organization handles sensitive patient records and, as such, must comply with strict data privacy regulations. They want to establish a comprehensive network security solution to prevent exfiltration of this data. Which of the following options BEST fits their requirements?
A. Using a reverse proxy server for web application security
B. Enforcing 802.1X authentication for network access
C. Deploying a UTM firewall
D. Implementing IPsec transport mode for secure data transmission
8. A rapidly growing start-up has recently expanded its online services to offer customers a wide range of new features. However, the Chief Technology Officer (CTO) is concerned about the increasing attack surface. What measures should they take to minimize potential vulnerabilities? Select the BEST option:
Implementing a WAF for real-time threat protection
Regularly conducting security audits to identify and address vulnerabilities
Enforcing 802.1X authentication for employees accessing the internal network
Using DNS Round Robin for load balancing across multiple servers
9. What are the key differentiators between Layer 4 and Layer 7 firewalls?
A. Layer 7 firewalls operate at the network layer, providing better performance
B. Layer 4 firewalls perform deep packet inspection for advanced threat detection
C. Layer 7 firewalls can inspect and block traffic based on application-specific content
D. Layer 4 firewalls provide more granular access control for user authentication
10. A large enterprise hosts critical web applications internally and wants to ensure their security. They're considering the use of a reverse proxy server. In what way can this enhance the security of their web applications?
A. By encrypting internal network communications
B. By optimizing load balancing for web traffic
C. By providing a secure gateway for external users
D. By enforcing strong password policies for web application users
Chapter 12
1. You are tasked with protecting sensitive information that includes personally identifiable data subject to strict privacy laws. Which data type should you focus on safeguarding?
A. Regulated
B. Trade secrets
C. Intellectual property
D. The results of an internal audit
2. A multinational corporation stores sensitive customer data. To comply with data privacy regulations, it implements a method to restrict access to this data to the sales team, based on which hotel they are in while they are on national and international sales trips. Which security method are they using?
Geographic restrictions
Encryption
Masking
Hashing
3. Your organization holds a portfolio of patents, copyrights, and trademarks. What category of data types do these assets fall under?
Regulated
Trade secrets
Intellectual property
Legal information
4. A financial institution wants to protect sensitive customer transactions during online communication. What method should they employ to transform the data into unreadable code?
HTTP
Hashing
TLS
Tokenization
5. You work for a company that sells mortgages and maintains customer account information and transaction records. What data type is MOST relevant to the company?
Regulated
Legal information
Intellectual property
Financial information
6. An organization wants to protect the passwords stored in its database. It uses a method that transforms passwords into unique, fixed-length strings of characters, making it difficult for attackers to reverse-engineer the original passwords. Which security method are they using?
A. Encryption
B. Hashing
C. Obfuscation
D. Segmentation
7. A network engineer used Wireshark to capture some network packet traces that were saved as PCAP files. Later that day, they were subnetting using binary. What data type best describes these different types of data?
A. Regulated
B. Human-readable data
C. Intellectual property
D. Non-human-readable data
8. You want to make a new will and leave all of your money to a dog sanctuary. Which data type is the MOST relevant to your task?
A. Regulated
B. California Consumer Privacy Data
C. Intellectual property
D. Legal information
9. A healthcare provider needs to share patient records with researchers while also protecting patient privacy. They use a method that replaces patient names with pseudonyms, such that individuals cannot be identified. Which security method does this describe?
A. Masking
B. Tokenization
C. Permission restrictions
D. Obfuscation
10. A software company plans to create an application that will hold sensitive information and, therefore, wants to protect its proprietary source code from unauthorized access. Which of the following methods should they use to protect the source code?
A. Geographic restrictions
B. Hashing
C. Masking
D. Obfuscation
1. A large corporation is setting up a web array, consisting of eight web servers, to sell goods on its e-commerce website. It has been decided that they will purchase F5 load balancers so that their web traffic can be optimized for speedy customer delivery.
Which of the following BEST describes why load balancing is useful in this scenario?
Load balancing will ensure that only authorized users can gain access to the network
Load balancing will provide redundancy for critical data storage
Load balancing will evenly distribute network traffic to prevent bottlenecks
Load balancing will monitor user activity to identify potential threats
2. A cybersecurity organization has spent six months rewriting its incident response procedures for a client. Which of the following would be the BEST method to evaluate the new procedures with the least administrative overhead?
Failover
Parallel processing
A simulation
A tabletop exercise
3. During a meeting of all department heads, the CEO of a company requests information regarding staffing needs to relocate the entire company to an alternative hot site following a disaster. Which of the following BEST describes the CEO's primary objective in seeking this information?
A. Business continuity
B. Labor costing
C. Capacity planning
D. Operational load distribution
4. Over the past six months, a company has suffered power failures about once a week.
This has affected business operations, and the company is now moving to the cloud.
Which of the following cloud features would be beneficial to company operations?
A. Cloud backups
B. Redundant power
C. Geographic dispersion
D. Reduced cost
5. An organization has a site in a remote location that has been suffering intermittent power outages that last between 3 and 10 seconds. Which of the following should the company implement so that the servers can maintain power for up to 10 seconds to shut down gracefully?
A generator
An uninterruptible power supply
A managed power distribution unit
An additional power unit on each server
6. A legal department has been advised by a third-party auditor that it needs to maintain a log of all incoming and outgoing emails, due to data compliance. This data must be retained for a period of three years. Which of the following is the BEST solution?
A. Journalling
B. Weekly backup
C. Daily backup
D. Clustering
7. You are managing a large-scale scientific simulation project that requires you to perform complex calculations on massive datasets. To optimize the project's performance, you need to choose the right processing technique. Which technique would be most effective to accelerate your simulation's calculations and manage the massive datasets efficiently?
Sequential processing
Multithreading
Parallel processing
Batch processing
8. Which of the following plans is the MOST appropriate for setting out how you inform company stakeholders of an incident without alerting the general public?
A disaster recovery plan
An incident response plan
A business continuity plan
A communication plan
9. Which of the following is the BEST backup and restore solution to utilize in a Virtual Desktop Infrastructure (VDI) environment?
A full daily backup
A snapshot
A failover cluster
A differential backup
10. In a data center, which device provides controlled power distribution to servers and networking equipment, ensuring efficient power management and protection against overloads?
An uninterruptible power supply
A generator
A managed power distribution unit
A redundant power supply
Chapter 14
1. During software development and distribution, what multifaceted purpose does code signing primarily serve?
Validating the software's source and integrity while enhancing trustworthiness
Improving code performance and execution speed for an optimal user experience
Simplifying the software installation process for end users
Ensuring compatibility with legacy systems and reducing system resource overhead
2. You are a systems administrator for a large multinational corporation and have recently failed a third-party audit, due to two outdated mail servers' patches. The audit recommended that you implement the current CIS benchmarks. Which of the following is the most likely reason for this recommendation?
To enhance system performance and resource utilization
To ensure you follow industry-standard security configurations
To automatically patch the servers
To streamline data backup and recovery procedures
3. What does the term "Bluesnarfing" refer to in the context of wireless technology?
The process of gaining unauthorized access from a Bluetooth-enabled device to steal sensitive data
A method for increasing the range of Bluetooth connections
An authentication protocol used in Bluetooth pairing
A technique for enhancing the audio quality of Bluetooth audio devices
4. What is the primary purpose of conducting a wireless site survey?
Identifying and eliminating network bottlenecks
Ensuring compliance with environmental regulations
Assessing and optimizing wireless network coverage and performance
Evaluating the physical security of network infrastructure
5. When hardening a mobile device, what security measure should you prioritize?
Disabling screen locks
Enabling automatic software updates
Enabling full device encryption and strong passcodes
Enabling geolocation services for enhanced tracking
6. Your office is currently being refurbished, and while this renovation is ongoing, you have been moved to a vacant office opposite your normal place of work. When you arrive at the new office, you try to connect your laptop to the corporate Wi-Fi but are unsuccessful. Thirty minutes later, you appear to have an internet connection with the same SSID as the corporate network, but it seems to be slower than normal. You are not able to connect to the corporate file servers but, on investigation, data has been stolen from your laptop. Which of the following BEST describes this type of attack?
A rogue access point
A remote access Trojan
A rootkit
Evil twin
7. Consumers of an online marketplace have complained that items added to their cart suddenly increase tenfold from their advertised purchase price. The website developer intends to correct this error by implementing input validation to accomplish which of the following?
A. Optimizing code execution speed
B. Preventing security vulnerabilities and data manipulation
C. Enhancing the graphical user interface (GUI)
D. Ensuring backward compatibility with older systems
8. You are a developer for a multinational corporation, currently working on bespoke software packages for a customer. As part of your quality control, you need to ensure that your software can withstand various attacks without crashing. One such attack is fuzzing, which is a technique whereby an attacker injects unexpected or invalid input into your software to identify vulnerabilities. Which of the following BEST describes the testing methods that should be employed to ensure that the software is resilient to this specific attack?
Code documentation
Dynamic code analysis
A manual code review
Regression testing
9. A large multinational corporation has just upgraded its wireless networks at two production sites. One of the sites has no issues, but connectivity at the other site has problems, with some areas not getting strong signals or having connection issues.
Which of the following is the BEST solution to identify the problems at the production site that is having issues?
A network diagram
A site survey
A Wi-Fi analyzer
Heat maps
10. A student has recently purchased a new mobile phone. Immediately following activation, the phone displays a message indicating that the device is pairing. How can the student prevent it from happening again in the future? (Choose TWO.)
By combining multiple Bluetooth devices into a single network
By activating Bluetooth connectivity on a device
1. You have just received a shipment of 10 desktop computers from a third-party vendor. However, these computers are no longer operational, and the vendor wants to use your company to dispose of the computers securely. What is the MOST essential action you need to carry out in this situation?
A. Pay for the destruction
B. Obtain a destruction certificate
C. Develop a maintenance schedule for the computers
D. Remove them from your inventory list of computers
2. In a top-secret government facility, an intelligence officer needs to dispose of classified documents that contain highly sensitive information. Which of the following is the most effective method for securely destroying these documents?
Shredding the documents into small, unreadable pieces using a high-security shredder
Sending the documents to a certified document destruction company
Placing the documents in a recycling bin for eco-friendly disposal
Burning the documents in a designated incinerator until they turn to ash
3. In a large corporate network, the IT team needs to perform a comprehensive enumeration of all connected devices to assess their security posture. Which of the following tools is the most suitable choice for this task?
A custom-built network scanning tool designed specifically for the organization's network infrastructure
A commercial software package known for its user-friendly interface and support services
A well-established open-source network scanning tool (NMAP) renowned for its flexibility and extensive capabilities
A manual approach of individually inspecting each device, noting their details, and compiling a network inventory
4. In a highly sensitive data center environment, where data security is paramount, the IT team needs to decommission and dispose of a hard drive from a server. They want to ensure that no data can be recovered from the drive. Which of the following methods is the MOST effective for securely disposing of the hard drives?
Physically smashing the hard drive into small pieces using a sledgehammer until it is completely destroyed
Submerging the hard drive in water for an extended period, followed by exposure to a powerful magnetic field
Using an approved shredder to destroy the hard drive
Placing the hard drive in a recycling bin designated for electronic waste, ensuring environmentally responsible disposal
5. In the context of cybersecurity, what does the term "enumeration" MOST COMMONLY refer to?
Listing all the potential vulnerabilities in a system to assess its security posture
The process of identifying and listing network resources and services, such as user accounts and shares
Encrypting sensitive data to protect it from unauthorized access
The act of physically securing data centers and server rooms to prevent breaches
6. Which of the following is the responsibility of a data owner? (Select two)
Ensuring network security measures are in place to protect assets
Ensuring that only authorized individuals can interact with the assets
Overseeing the disposal and decommissioning of assets
Managing software licenses associated with the asset
Implementing cybersecurity policies for the entire organization
7. You work for a large organization that has just experienced a cyber incident that has caused significant disruption to its IT infrastructure. In this critical situation, which of the following BEST attributes will determine which assets are to be prioritized to get them up and running?
The financial value of the affected assets
The assets' proximity to the incident's point of origin
The assets' classification and their availability
The age of the affected assets and their warranty status
8. A large organization's finance department has brought in a hard drive for data sanitization. They want to reuse the hard drive after the data is destroyed. Which of the following methods of data destruction will fulfil this requirement? Select the BEST TWO Options.
Wiping
Degaussing
Pulverizing
Overwriting
9. You are working in the second line of IT support in an organization, and you have received a shipment of fifty new laptops.
You need to unbox them, label them, and deliver them to the relevant departments.
You are going to add those laptops to the asset register, prior to labelling the laptops.
Which of the following should be the first consideration?
Department location
Laptop specifications
Name of the laptop's owner
Standard Naming Convention
10. A medical center in New York has been upgrading all its systems and has been sanitizing data that is no longer useful.
However, 70% of this data was not sanitized. Which of the following is the BEST reason that this data was not sanitized?
A. Broken Shredder
B. Intellectual Property concerns
C. Data Retention requirements
D. Data was encrypted
1. The board of directors of an organization is convening to decide on its vulnerability management policies. What key framework or system will help them prioritize vulnerabilities effectively?
CVSS
CMS
CVE
SEO
2. A multinational technology company is seeking to enhance its cybersecurity defenses. To achieve this, they have launched a bug bounty program, inviting security researchers, ethical hackers, and cybersecurity enthusiasts to participate.
Which of the following describes the benefit and objective of a Bug Bounty?
The organization intends to identify and fix security vulnerabilities, while participants earn rewards and contribute to overall online safety
The organization seeks to promote its products, while participants receive free access to its premium services
The organization aims to reduce security expenses, while participants gain monetary rewards and experience
The organization expects the bug bounty program to serve as a substitute for regular security audits, ensuring comprehensive vulnerability assessment
3. A cybersecurity team conducts vulnerability assessments using both credentialed and uncredentialed scans.
Which type of scan would MOST likely identify missing patches for third-party software on Windows workstations and servers?
A. A scan of vulnerabilities associated with known malware signatures
B. Non-credentialed scans exposing open ports
C. A scan of unauthorized access attempts on the organization's firewall
D. Credentialed scans with valid access credentials
4. Which network is commonly associated with providing anonymous access to the internet, making it a preferred choice for users seeking privacy and anonymity?
VPN
DNS
Tor
LAN
5. A security researcher is conducting an in-depth analysis of a cyber adversary's infrastructure and tactics, techniques, and procedures (TTPs). To effectively track and document the activities of this adversary, the researcher is looking for a source specifically for this purpose. Which of the following sources will the researcher MOST likely use?
MITRE ATT&CK
SCAP
OSINT
Threat Feeds
6. A security analyst is reviewing the vulnerability scan report for a web server following an incident. The vulnerability that exploited the web server is present in historical vulnerability scan reports, and a patch is available for the vulnerability.
Which of the following is the MOST probable cause of the incident?
An untested security patch update overwrote the existing patch
The scan reported that a false negative identified the vulnerability
The CVE list updating the vulnerability scan was not updated
A zero-day vulnerability was used to exploit the web server
7. An organization is encountering challenges with maintaining and securing a decades-old computer system that plays a critical role in its operations. Which of the following is the MOST likely reason for these challenges?
Inadequate employee training on the legacy system
A lack of available hardware resources for the legacy system
The absence of up-to-date antivirus software on the legacy system
Lack of vendor support for the legacy system
8. An organization is going to share cyberthreat intelligence data with external security partners. Which of the following will the company MOST likely implement to share this data?
TAXII
TLS
STIX
CVE
9. In the context of cybersecurity, risk tolerance refers to:
The maximum amount of risk an organization is willing to accept without mitigation
The percentage of risk reduction achieved through security controls
The amount of risk that is remaining after mitigation
The amount of inherent risk a company has
10. During a routine security scan of a corporate network, the security system failed to detect a critical vulnerability in a widely used software component. This vulnerability had a known patch available, but the security system did not flag it as a threat. Subsequently, a cyber attacker exploited this vulnerability, leading to a significant data breach. What type of assessment outcome does this scenario represent?
A. True Positive
B. False Positive
C. False Negative
D. True Negative
1. Your antivirus software scans a file and reports that it is free from malware.
However, upon closer examination, it is discovered that the file does, in fact, contain a previously unknown malware variant.
What type of result does this scenario represent?
True positive
False positive
True negative
False negative
2. Your organization is integrating a new system into its existing network and wants to ensure that the new system is secure before putting it into operation to protect the network and sensitive data. What is the MOST IMPORTANT security measure to take before putting the new system into operation, and why?
Configuring the firewall rules
Installing the latest antivirus software
Running a vulnerability scan
Updating the system's drivers
3. What advantage does a credentialed scanner have over a non-credentialed scanner when it comes to network security assessments?
Access to network traffic data for real-time monitoring
Ability to identify open ports and services on target systems
Visibility into missing patches for third-party software
Enhanced encryption capabilities for secure data transmission
4. In your organization, a recent incident occurred in which sensitive personally identifiable information (PII) was not encrypted, leading to data exfiltration.
This incident has raised concerns about the security of sensitive data within the organization. What is the MOST effective security measure to prevent such incidents?
Implementing strong passwords for user accounts
Conducting security awareness training for employees
Regularly updating antivirus software
Deploying DLP solutions
5. You are the IT administrator in charge of network security at your organization. Your organization's Security Information and Event Management (SIEM) system has just detected a virus on the network. The SIEM system has alerted you to the potential threat, and you need to take immediate action to address it. What should you do FIRST?
Immediately delete the virus to prevent further damage
Isolate the infected system from the network
Contact law enforcement to report the cyberattack
Run a full system scan to identify the extent of the infection
6. An engineer installs a new monitoring system in a complex network environment.
On the first night after installation, the system generates thousands of errors and alerts, overwhelming the team. What is the MOST likely reason for the system generating thousands of errors and alerts on the first night?
The monitoring system is faulty and needs replacement
The network environment is too secure, leading to false alerts
The alerts have not been properly tuned for the specific environment
The network devices are outdated and incompatible with the monitoring system
7. Which of the following tasks can a vulnerability scanner BEST use to assess the security posture of a system?
Checking for missing patches and software flaws
Enforcing strict access control policies
Assessing compliance with CIS benchmarks
Monitoring real-time network traffic
8. You are the IT manager in a large organization that operates a complex network environment. This environment collects data from various sources, including firewalls, servers, network devices, and applications. Which of the following is the primary component responsible for correlating the log files from these sources to identify potential security threats and anomalies?
A. Syslog Server
B. Credentialed Vulnerability Scan
C. Data analysts
D. Security Information and Event Management (SIEM) system
9. You are the network administrator for a large organization with a complex network infrastructure that includes numerous network devices such as routers, switches, and servers. Your responsibility includes monitoring these network devices in real-time and providing status reports to ensure smooth network operation and early detection of issues. Which of the following systems will you use to complete these tasks?
SIEM
Syslog
SNMP
Agentless Monitor
10. You are the chief information security officer of a large organization, and you are responsible for managing cybersecurity risks and vulnerabilities. A critical part of your role is assessing the impact of vulnerabilities on the organization's assets, taking into account factors like confidentiality, integrity, and availability.
Which of the following is the BEST tool for your operations?
NIST
CIS
CVE
CVSS
1. A company has recently delivered a presentation on the use of secure protocols and is testing the attendees on the information being delivered. Match the insecure protocols (on the left) with their secure replacements (on the right). Choose the correct pairing for each. (SELECT all that apply):
| | Insecure Protocol | Secure Protocol |
|---|---|---|
| A | Telnet | SSH |
| B | HTTP | HTTPS |
| C | POP3S | HTTP |
| D | SMTP | POP3S |
| E | HTTP | IMAPS |
| F | FTPS | SMTPS |
| G | FTP | SFTP |
2. What does DMARC provide in email security?
End-to-end encryption of email messages
Real-time monitoring of email server performance
Sender authentication and reporting on email authentication results
Automatic filtering of email attachments
3. To prevent phishing attacks and improve email deliverability, which type of DNS record should you create to specify authorized email servers for your domain?
A PTR record
A TXT record
An MX record
An A record
4. You are the IT administrator for a medium-sized company that takes email security and data protection seriously. As part of your responsibilities, you oversee the configuration and management of your company's mail gateway, which is a crucial component of your email infrastructure.
One of your tasks is to ensure that the mail gateway effectively blocks certain types of content to prevent security breaches and data leaks. One day, you receive a report from your security team that an email with potentially harmful content almost made its way into your company's inbox. This incident prompts a review of the types of content that are often blocked by your mail gateway.
Which of the following is a type of content often blocked by a mail gateway?
Router Configuration Data
Email containing sensitive personal information
Phishing Email
Firewall Log Data
5. A company wants to prevent employees from sending sensitive customer information via email. Which DLP action should they implement to achieve this?
A. Blocking specific email domains
B. Encrypting all outgoing emails
C. Implementing content inspection and keyword detection
D. Restricting email attachments
6. A company has recently delivered a presentation on the use of secure protocols and is testing the attendees on the information being delivered. Can you match the insecure port numbers (on the left) with their secure replacements (on the right)? Choose the correct pairing for each.

| | Insecure Protocol | Secure Protocol |
|---|---|---|
| A. | 80 | 443 |
| B. | 22 | 23 |
| C. | 21 | 22 |
| D. | 25 | 587 |
| E. | 80 | 993 |
| F. | 23 | 22 |
| G. | 143 | 993 |
7. You are the network administrator for a small business, and you are configuring a firewall for the very first time. You find the complex network firewall challenging.
There seems to be an issue with some traffic getting blocked unintentionally. Below are four firewall rules currently in place:
| Rule # | Action | Protocol | Source IP | Destination IP | Destination Port |
|---|---|---|---|---|---|
| 1 | BLOCK | TCP | 192.168.1.0/24 | 0.0.0.0 | 80 |
| 2 | ALLOW | TCP | 0.0.0.0 | 192.168.2.0/24 | ANY |
| 3 | ALLOW | TCP | 192.168.3.0/24 | 0.0.0.0 | 443 |
| 4 | ALLOW | TCP | 192.168.4.12/24 | 192.168.4.0/24 | 22 |

Which rule(s) should you modify to resolve the complex issue and allow traffic to flow correctly while maintaining security?
A. Rule #1
B. Rule #2
C. Rule #3
D. Rule #4
8. A system administrator wants to ensure the integrity of critical system files on a Windows server. The system administrator needs to scan the system files and repair any anomalies. Which command or action should they employ for File Integrity Monitoring (FIM)?
Running "chkdsk /f" to check for disk errors
Executing "sfc /scannow" to scan and repair system files
Enabling Windows Defender Antivirus
Executing "sfc /verifyfile" to scan and repair system files
9. In a Windows Active Directory environment, which tool or feature allows administrators to define and enforce computer and user settings, such as password policies and software installation restrictions?
Windows Defender
Group Policy
Windows Firewall
Microsoft Intune
10. In a Linux-based system, what does SELinux primarily provide in terms of security?
Mandatory access controls and fine-grained permissions
Real-time network monitoring
Antivirus scanning and malware protection
Secure boot and firmware integrity checks
1. In a secure authentication system, which type of authentication token relies on physical devices to generate authentication codes or keys?
Hard Authentication Tokens
Soft Authentication Tokens
Biometric Authentication Tokens
Hybrid Authentication Tokens
2. You are configuring secure access to an Apache web server. To enhance security, you enable passwordless access. Which technology should you primarily use for this?
HTTPS with SSL/TLS
SSH keys
2FA
Username and password authentication
3. What is the main purpose of ephemeral credentials in the context of security?
To securely store passwords
To grant temporary access rights
To manage privileged accounts
To provide long-lasting access tokens
4. In a multi-factor authentication implementation, which of the following factors would be classified as a "something you are" factor?
Username and Password
OTP sent via SMS
Fingerprint Scan
Security Questions Answers
5. You have discovered that someone is using the same password for all their online accounts, including email, social media, and banking. What should you recommend implementing to enhance their online security?
2FA
Stronger encryption protocols
Regularly changing passwords
Password manager
6. How many factors of authentication does using a smart card involve?
Single
Two factors
Multiple factors
Dual-factor
7. In an organization, the IT security team wants to prevent users from recycling their passwords too frequently. Which security policy should they implement to achieve this goal?
Maximum password age
Minimum password age
Password complexity requirements
Account lockout policy
8. Which security concept involves granting users temporary administrative access rights for a specific task or period to reduce the exposure of privileged access? Select the BEST choice.
Just-in-time permissions
Password vaulting
Ephemeral credentials
Privileged access management
9. Two organizations are collaborating on a joint venture and need to establish secure access to shared resources. Which approach is most suitable for achieving seamless authentication and access control on these resources?
Password sharing
Identity proofing
Federation services
Provisioning user accounts
10. In a scenario where two organizations are sharing resources and need to implement secure identity federation, which service can they leverage to enable authentication and authorization between their systems?
LDAP
OAuth 2.0
SAML
Kerberos
1. You are an IT consultant tasked with explaining the use cases of automation and scripting related to secure operations to a group of business executives during a presentation. You need to clarify which of the following options is a use case for automation and scripting in the context of ensuring secure operations within an organization.
User provisioning
Cost management
Marketing strategy
Office space allocation
2. You are the chief information security officer of a medium-sized company, and you have been asked to present the benefits of automation and orchestration in secure operations to your executive team during a meeting. Which of the following is the BEST reason for introducing automation and orchestration in secure operations?
Increasing complexity
Slowing down response time
Enhancing efficiency
Encouraging employee retention
3. A cybersecurity analyst performs automated weekly vulnerability scans on their organization's database servers. Which of the following describes the administrator's activities?
Continuous validation
Continuous integration
Continuous deployment
Continuous monitoring
4. You are the IT security manager of a midsized technology company, and you are conducting a training session for your IT team on the importance of enforcing security baselines. During the training, you want to emphasize the significance of adhering to security policies and standards.
Which of the following represents an example of enforcing baselines related to security?
Automating software updates
Regularly conducting security awareness training
Allowing unauthenticated access
Using weak passwords
5. Which consideration is crucial to avoid technical debt when implementing automation?
Complexity
Cost
Standardization
Speed of deployment
6. You are the head of the cybersecurity department in a large financial institution, and you are meeting with your team to discuss improving incident detection and response procedures. You want to find a solution that allows your team to establish workflows for detecting four new types of incidents while incorporating automated decision points and actions based on predefined playbooks. Which of the following is the BEST solution?
SOAR
CASB
SWG
SIEM
7. What is a key benefit of scaling in a secure manner using automation?
Reducing efficiency
Increasing security risks
Adapting to changing workloads
Encouraging technical debt
8. You are the director of IT operations for a large technology company, and you are conducting a staff training session on the importance of ongoing supportability in the context of automation and orchestration. Which of the following are the BEST reasons for ongoing supportability in the context of automation and orchestration? Select TWO.
To increase complexity
To enhance efficiency
To sustain effectiveness
To discourage employee retention
9. You are the chief executive officer for a multinational corporation that just suffered a data breach. As part of the lessons-learned phase, the cybersecurity team needs to develop an early detection system to prevent such an incident in future. Which of the following should the cybersecurity team implement?
Implement a Data Loss Prevention system
Implementing rules in the NGFW
Creating a playbook within the SOAR
Implement an audit trail so the incident can be tracked
10. Which of the following involves ten programmers all writing their own code and then merging it into a shared repository as soon as it is finished?
Continuous integration
Continuous deployment
Continuous validation
Continuous monitoring
1. You are the lead incident responder for a large organization's cybersecurity team. During the Analysis phase of incident response, you discover a sophisticated malware infection on a critical server that contains sensitive data and supports critical business operations. What should be your immediate action?
Isolate the server and proceed with root cause analysis.
Disconnect the server from the network and restore from backups.
Immediately report the incident to legal authorities.
Conduct a tabletop exercise to assess incident response procedures.
2. You are the cybersecurity incident response lead for a financial institution. You find yourself in the containment phase of incident response, addressing a ransomware attack that has struck multiple critical systems used for processing transactions and managing customer data. What is the primary objective during this phase?
Isolate the affected critical system from the network
Eliminate the ransomware from affected systems.
Reimage the affected systems
Analyze the malware code to prevent future attacks.
3. During the preparation phase of incident response, what activities are typically involved?
Containing and eradicating threats in real-time.
Developing and documenting incident response procedures.
Reflecting on past incidents for improvement.
Restoring affected systems to normal operations.
4. You are a digital forensics investigator working for a law enforcement agency. You have just begun a digital forensics investigation related to a cybercrime incident involving the theft of sensitive financial data from a major corporation. As you gather electronic evidence on a criminal, you use legal hold to assist in the investigation. Which of the following BEST describes the purpose of legal hold?
Safeguarding evidence from alteration or deletion.
Documenting the chain of custody meticulously.
Collecting digital evidence for analysis.
Retrieving electronic evidence for legal purposes.
5. Which of the following BEST describes the concept of "order of volatility" in digital forensics?
It determines the chronological sequence of incidents.
It specifies the order in which evidence should be collected.
It identifies the root causes of incidents.
It ensures evidence is securely preserved.
6. Which of the following BEST describes a "Right to Audit Clause" in a contract?
It is the legal right to conduct an audit or inspection of a contract
It allows for the retrieval of electronic evidence for legal purposes.
It enables meticulous documentation of findings.
It provides the legal authority to conduct digital forensics.
7. During a simulated incident response scenario, your team identifies a data breach involving customer information. What is the primary goal of the team during the analysis phase?
Develop incident response playbooks for future incidents.
Determine the scope and impact of the data breach.
Eradicate the threat and recover the affected data.
Prepare lessons learned documentation for stakeholders.
8. Which of the following BEST describes the final phase of the incident response process?
Containment
Lessons learned
Detection
Recovery
9. Which of the following BEST describes the primary objective of root cause analysis?
Identifying and mitigating current threats.
Conducting digital forensics on affected systems
Developing incident response playbooks for future incidents.
Determining the fundamental issues contributing to incidents.
10. In digital forensics, what does the chain of custody primarily involve?
Placing evidence in a locked drawer in a secure office before going to lunch
Eradicating the root causes of incidents in a timely manner.
Documenting the handling and transfer of evidence throughout an investigation
Analyzing network traffic patterns to identify security vulnerabilities.
1. What type of log is used to record system-level events and security-related activities on an operating system? Select the BEST option.
Application logs
Network logs
Firewall logs
NIDS logs
2. Which type of log file is essential for monitoring and auditing security-related activities on your desktop, such as failed login attempts and access control changes?
Select the BEST option.
Security logs
Network logs
Application logs
Endpoint logs
3. What type of log provides insights into user interactions, errors, and events within software programs?
Endpoint logs
Network logs
Application logs
OS-specific security logs
4. Which of the following data sources helps identify and prioritize system weaknesses, including outdated software and misconfigurations?
Automated reports
Patch Management
Packet captures
Vulnerability scans
5. You are the Chief Information Security Officer (CISO) of a large financial institution. Your team is responsible for ensuring the organization's cybersecurity. You need a data source that can provide real-time information about your organization's security status, highlight anomalies, and aid in compliance tracking. Which of the following data sources should you choose?
Dashboards
Packet captures
Automated reports
Network logs
6. Which type of log file tracks packets going to your intranet web server, including connections, data transfers, and errors?
Application logs
OS-specific security logs
Network logs
Security logs
7. You are a cybersecurity analyst working for a large technology company. Your responsibility is to monitor and audit security-related activities on the company's network and operating systems to ensure the organization's digital assets are protected. Which of the following should you choose?
Endpoint logs
Application logs
Security logs
System Logs
8. You are a cybersecurity analyst working for a large financial institution. Your role involves investigating security incidents and conducting forensic analysis to understand the nature and impact of potential breaches. Which of the following would be the BEST option to help you perform your job?
Vulnerability scans
Automated reports
Nmap
Packet captures
9. You are the security administrator for a medium-sized company. Part of your responsibility is to identify vulnerabilities that are visible to potential external attackers and assess open ports on your organization's network. Which of the following data sources would be BEST?
Automated reports
Credentialed Vulnerability Scan
Packet captures
Non-Credentialed Vulnerability Scan
10. You are the IT administrator for a medium-sized company. As part of your responsibilities, you need to ensure that user activities, system changes, and security events on devices are properly monitored and recorded for security and compliance purposes. Which of the following would be the BEST data sources to fulfil your duties?
Endpoint logs
Application logs
OS-specific security logs
Metadata
1. As a compliance officer in a healthcare organization, you are tasked with ensuring adherence to industry regulations and standards. Which type of governance structure would be most concerned with ensuring compliance with external regulatory requirements?
Boards
Centralized governance
Committees
Government entities
2. You are the Chief Financial Officer (CFO) of an e-commerce company that processes credit card transactions. To ensure the secure handling of cardholder data and maintain compliance, which of the following regulations should your organization adhere to?
ISO 27001
ISO/IEC 27017
ISO/IEC 27018
PCI-DSS
3. As the CEO of a growing e-commerce business, you face a sudden system outage during a peak shopping season. Sales are plummeting, and customers are frustrated.
What is the BEST policy you can implement to rectify this situation?
Business Continuity
Change Management
Software Development Lifecycle (SDLC)
Disaster Recovery
4. You are the head of a large financial institution and are contemplating the governance structure that best suits your organization's diverse branches and subsidiaries. What type of governance structure allows for local autonomy and decision-making at the branch level?
Government entities
Centralized
Committees
Decentralized
5. In which stage of the SDLC do developers merge their code changes into a shared repository?
Testing
Staging
Development
Production
6. You are the IT manager of a US government agency tasked with securing critical infrastructure against cyber threats. Which regulation is most pertinent to you and your systems?
ISO 27001
ISO/IEC 27017
NIST SP 800-53
PCI-DSS
7. You are the Chief Information Officer (CIO) of a multinational corporation responsible for ensuring compliance with data protection regulations. In this role, what primary responsibility do you hold as the data controller?
Managing data storage and infrastructure
Determining the purpose and means of data processing
Executing data backup and recovery procedures
Conducting data access audits
8. As the CISO of a healthcare organization, you are responsible for ensuring the confidentiality, integrity, and availability of patient data. Which regulation should you primarily abide by to establish a robust information security management system (ISMS)?
ISO 27001
ISO/IEC 27017
NIST SP 800-53
PCI-DSS
9. In the Software Development Lifecycle (SDLC), which stage typically involves the final version of the code?
Testing
Staging
Development
Production
10. As the Data Privacy Officer (DPO) for a cloud service provider, your role involves safeguarding customer data and ensuring privacy in the cloud environment. Which regulation should guide your efforts to protect personal data in the cloud?
ISO/IEC 27701
ISO/IEC 27017
ISO/IEC 27018
NIST SP 800-5
1. Which of the following is a phase in risk management during which potential risks are determined?
Risk assessment
Risk identification
Risk mitigation
Risk monitoring
2. Which type of risk assessment is performed to monitor and assess risks in real-time and is most effective for instantaneous detection of issues?
Ad hoc
Scheduled
Continuous
Recurring
3. Which type of risk assessment typically occurs at regular and scheduled intervals?
One-time
Ad-hoc
Continuous
Recurring
4. In risk management strategies, which analytical approach quantifies risk by applying numerical values, statistical methods, and calculations such as annualized loss expectancy (ALE) to measure and assess the impact of risk?
Quantitative risk analysis
Qualitative risk analysis
Subjective loss expectancy analysis
Exposure factor
5. Which risk analysis methodology assesses the potential impacts and likelihoods of risks by utilizing subjective insights and evaluations, without emphasizing the computation of probable financial loss?
Qualitative risk analysis
Quantitative risk analysis
Risk magnitude evaluation
Risk impact analysis
6. A company experienced the repeated theft of computer systems valued at $10,000 five times in the last year. What is the annualized loss expectancy (ALE) for this risk event?
$2,000
$10,000
$50,000
$20,000
7. Which risk management strategy focuses on mitigating risk through insurance or outsourcing your IT?
Acceptance
Transfer
Mitigation
Avoidance
8. Which of the following risk management strategies involves the acknowledgment of a risk where no proactive measures are taken to address it, due to its negligible impact?
Exemption
Exception
Acceptance
Transfer
9. Which statement BEST describes the critical difference between recovery time objective and recovery point objective within the context of business impact analysis?
Recovery time objective refers to the maximum allowable downtime, while recovery point objective refers to the maximum allowable data loss.
Recovery time objective refers to the frequency of system failures, while recovery point objective refers to the maximum allowable downtime.
Recovery time objective refers to the maximum allowable data loss, while recovery point objective refers to the maximum allowable downtime.
Recovery time objective and recovery point objective both refer to the maximum allowable downtime but are used in different contexts.
10. In business impact analysis, which component is crucial for determining the acceptable data loss and downtime in IT systems?
Mean time between failures
Recovery point objective and recovery time objective
Data frequency analysis
Impact acceptance threshold
1. When completing a risk assessment of a vendor, which of the following processes plays a pivotal role in comprehensively assessing the potential vulnerabilities of a vendor's digital infrastructure to show the vendor's security weaknesses? Select the BEST option.
Supply chain analysis
Due diligence
Penetration testing
Conflict of interest
2. Which clause is integral in evaluating a vendor's adherence to policy and compliance?
Compliance clause
Right-to-audit clause
Investigation clause
Assessment clause
3. Within the framework of vendor management and compliance, what mechanism plays a role in confirming a vendor's commitment to internal organizational policies and regulatory requirements? Select the BEST option.
Independent assessments
Evidence of internal audits
Penetration testing
Supply chain analysis
4. Which of the following types of assessment provides an impartial evaluation of a vendor's security posture?
Vendor assessment
Internal audit
Independent assessments
Penetration testing
5. Which of the following processes is crucial for evaluating risks that may arise from a vendor's suppliers and subcontractors?
Vendor assessment
Supply chain analysis
Due diligence
Conflict of interest analysis
6. During vendor selection, which process is fundamental for assessing the potential risks and benefits associated with a potential vendor?
Conflict of interest review
Right-to-audit clause enforcement
Due diligence
Penetration testing
7. Which document typically outlines confidential obligations between parties to protect sensitive information?
MSA
NDA
MOA
BPA
8. Which document typically serves as the foundation for producing work orders and statements of work that detail specific activities and deliverables?
MOA
BPA
MSA
NDA
9. Which of the following agreements is specifically focused on mutual goals and expectations of a project or partnership and is typically legally binding?
MOU
MOA
SLA
NDA
10. When conducting a third-party risk assessment, which of the following is the BEST method to evaluate the strategic alignment between the vendor's capabilities and the organization's objectives?
Independent assessments
Penetration testing
Vendor monitoring
SLA review
1. A brokerage firm has consistently failed to adhere to crucial regulatory requirements, resulting in a series of serious violations.
What is the MOST significant consequence this organization could face for its non-compliance? Choose the BEST answer.
Regulatory fines
Loss of license
Reputational damage
Data mismanagement
2. In the context of data protection and privacy regulations, which of the following best describes the role of a data processor?
An individual who exercises control over the processing of personal data
An organization or person that determines the purposes and means of processing personal data
An entity that processes personal data on behalf of the data controller
A government authority responsible for enforcing data protection laws
3. Imagine you are the head of the security compliance team at a large financial institution. Your team is responsible for ensuring the organization adheres to regulatory standards and internal policies.
Which of the following elements is essential for effective internal compliance reporting?
Consistently update stakeholders about the progress of compliance initiatives through regular meetings and reports.
Keep compliance documentation concise to reduce clutter and minimize the risk of data breaches.
Restrict access to compliance reports to a select few individuals to maintain confidentiality.
Address compliance issues as they arise, without proactively identifying potential risks.
4. You are the chief compliance officer at a multinational corporation considering a merger with a smaller company in a different industry. Which aspect of due diligence is crucial to assess potential risks and ensure a successful merger? (SELECT
Evaluating the smaller company's stock performance
Conducting a cultural compatibility analysis
Focusing solely on financial metrics
Reviewing intellectual property assets
5. Your organization is preparing for its annual internal compliance reporting to assess adherence to security standards and regulations. The compliance team is debating whether to rely on internal reporting alone or incorporate external compliance reports. Which of the following statements best explains why it is better to use an external compliance report in this scenario?
External reports provide internal teams with more comprehensive data.
Internal reports offer a more accurate assessment of the organization's compliance status.
External reports help identify alignment with industry best practices for compliance.
Internal reports allow for better customization to address specific organizational needs.
6. In the context of security compliance reporting, which type of report typically includes third-party audits?
Internal compliance reports
Regulatory compliance reports
External compliance audits
Security incident reports
7. You are the data privacy officer at a large technology company, and your team is responsible for ensuring compliance with privacy regulations. You deal with data protection and privacy on a daily basis. Which of the following individuals or entities is considered a data subject in your role?
A company's chief information officer
An individual using a smartphone app
A data security analyst
A server hosting customer database.
8. Which of the following is the BEST type of auditing where you typically encounter a risk assessment as a fundamental component?
Financial auditing
Environmental auditing
Information security auditing
Human resources auditing
9. A multinational technology company has recently relocated its headquarters from New York to Paris to expand its operations in Europe. In light of this move, the company must now navigate a new set of privacy laws and regulations. What privacy laws does it need to comply with following its office relocation?
GDPR
CCPA
HIPAA
GLBA
10. In a corporate environment, what is the primary purpose of an attestation process?
To confirm the authenticity of employee acknowledgments
To certify the financial statements of a company
To verify the identity of customers during onboarding
To acknowledge the receipt of an employee handbook
1. You work in third-line support dealing with both cybersecurity and network security assessments. Your organization is looking to assess its security posture by employing ethical hackers to identify vulnerabilities and weaknesses in its defenses. Which of the following types of penetration testing best fits your requirements?
Defensive penetration testing
Passive reconnaissance
Active reconnaissance
Offensive penetration testing
2. Which reconnaissance type aims to gather initial data about the target without alerting or engaging with its systems to minimize the risk of detection?
Active reconnaissance
Passive reconnaissance
Defensive penetration testing
Online survey
3. Which of the following reconnaissance types involves sending requests to target systems to assess their responses and determine their configuration and vulnerabilities?
Offensive penetration testing
Passive reconnaissance
Active reconnaissance
Defensive penetration testing
4. What process involves the meticulous examination and validation of information, often by a qualified independent party, to ensure its accuracy and compliance with established standards and regulations?
Offensive penetration testing
Passive reconnaissance
Attestation
Active reconnaissance
5. Which of the following is a primary benefit of an external audit for an organization?
Identifying weaknesses in internal controls
Enhancing operational efficiency
Providing independent assurance on the accuracy of financial statements
Ensuring compliance with internal policies and procedures
6. You are the chief operating officer of a rapidly growing technology startup. Your company has recently expanded its operations and increased its workforce, leading to a more complex organizational structure. To ensure effective oversight and management of your business processes, you decide to establish an internal audit function. Which of the following is your primary objective?
Confirming alignment with organizational needs and priorities
Enhancing the organization's market competitiveness
Providing independent assurance on financial statements
Evaluating compliance with external regulations
7. Which of the following limitations is MOST LIKELY to be associated with the scope of external audits?
Identifying operational inefficiencies
Providing independent assurance on financial statements
Assessing compliance with internal policies
Limited access to internal records and systems
8. You are the CEO of a publicly traded company in the healthcare sector.
Your organization has a complex governance structure and a diverse range of stakeholders, including investors, regulatory bodies, and the public. To ensure transparency and accountability in your corporate governance, you have established an audit committee as part of your board of directors. Which of the following should be their key responsibility?
Conducting external audits
Enhancing operational efficiency
Providing independent assurance on financial statements
Overseeing the effectiveness of internal audit functions
9. You are the chief compliance officer of a pharmaceutical company that specializes in manufacturing and distributing medical devices. Your organization operates in a highly regulated industry, and it is essential to comply with strict external regulations and industry standards to ensure the safety and quality of your products. How do auditing practices influence your organization's compliance with external regulations and industry standards? Select the BEST choice.
Auditing ensures strict adherence to internal policies.
Auditing imposes financial penalties for non-compliance.
Auditing provides independent verification of compliance efforts.
Auditing eliminates the need for regulatory reporting.
10. You are the quality assurance manager at a food manufacturing company known for producing high-quality, organic products. Your organization operates in a sector with stringent regulatory requirements and industry standards, and ensuring compliance is a top priority to maintain the trust of consumers and regulators. What role does auditing play in an organization's efforts to maintain regulatory compliance and adherence to industry standards?
Auditing ensures compliance without any organizational effort.
Auditing identifies areas for improvement but does not impact compliance.
Auditing provides a systematic evaluation and verification of compliance efforts.
Auditing solely relies on self-reporting for compliance assessment.
1. The cybersecurity team has observed multiple instances of hacked passwords among employees. In response, they are planning to implement a password management policy. Which of the following practices should they adopt to enhance password security?
A policy that encourages employees to share their passwords with colleagues.
A policy that requires employees to use the same password for all their accounts.
Promoting the use of strong, unique passwords that include a combination of uppercase and lowercase letters, numbers, and symbols.
Advising employees to use passwords consisting of only uppercase letters and numbers.
2. You are the chief information security officer at a global technology company that has transitioned to a predominantly remote work environment. With employees working from various locations around the world, ensuring the security of your company's data and systems is paramount. Which of the following security practices is crucial to mitigate the risks associated with remote work environments?
Encouraging employees to use open system authentication for Wi-Fi networks for convenience.
Allowing employees to store sensitive data on their personal devices.
Implementing multi-factor authentication (MFA) for remote access to company resources
Allow employees to visit websites using virtual private networks (VPNs) for remote connections.
3. You are the security analyst for a large financial institution. You notice that one of your employees, who typically works regular hours, has been accessing sensitive financial data at unusual times and from different locations. What type of security issue does this scenario most likely indicate?
Risky Behavior
Unexpected Behavior
Anomalous Behavior
Unintentional Behavior
4. You are the human resources director at a financial services company that handles sensitive customer data and is dedicated to maintaining a strong cybersecurity posture. You are tasked with enhancing the organization's cybersecurity training program to address the specific needs and responsibilities of different employee roles. What is a significant benefit of implementing role-based cybersecurity training in an organization?
It simplifies the training process by providing a one-size-fits-all approach.
It helps employees develop a deep understanding of all security domains.
It tailors training content to specific job responsibilities and risks.
It reduces the need for ongoing security awareness efforts.
5. Your organization has implemented strict data access policies, but an employee accidentally sends a sensitive customer database to a colleague outside the company. What type of security issue does this scenario most likely indicate?
Unintentional behavior
Unexpected behavior
Anomalous behavior
Risky behavior
6. A company has recently suffered many phishing and spear phishing attacks. In response to this, the chief information security officer has decided to run a phishing campaign. What is the primary goal of this phishing campaign?
To describe the details of the phishing attacks to employees
To educate employees about the benefits of successful phishing campaigns
To assess how vulnerable employees are to phishing attempts.
To encourage employees to participate in more phishing attacks.
7. You are the chief information security officer at a medium-sized healthcare organization. You recently implemented a comprehensive cybersecurity awareness training program to educate your employees about the importance of data security and how to identify and respond to potential threats. What is the most effective method to determine whether or not cybersecurity awareness training was successful in an organization?
Tracking the number of security incidents
Measuring employee satisfaction with the training content
Assessing the organization's financial performance
Conducting simulated phishing tests and monitoring results
8. While reviewing network logs, you discover that a software developer is accessing a server they don't typically work on and are attempting to modify critical system files. What type of security issue does this scenario most likely indicate?
Unintentional behavior
User behavior
Risky behavior
Unexpected behavior
9. You are an employee at a large financial institution receiving training on cybersecurity awareness due to recent phishing attacks that have targeted your organization's employees. One morning, you receive an email that appears suspicious, with unusual links and a request for sensitive information. What is the most appropriate next action for you to take?
Delete the suspicious email.
Forward the email to colleagues for their opinion before reporting it.
Report the suspicious email to the organization's IT or security department.
Reply to the email requesting more information to confirm its legitimacy.
10. As the chief information security officer of an organization, you have determined that security awareness in your organization needs improvement. Which of the following topics or initiatives would you consider adding to the agenda of your security awareness training? (Select FOUR)
Phishing awareness and email security
Workplace safety protocols and first aid training
Social engineering and recognizing manipulation tactics.
Cybersecurity policies and compliance requirements
Time management and productivity tips
Identifying potential workplace hazards
Password management and strong authentication practices
Effective communication and conflict resolution skills