When considering the disposal of confidential data, equipment and storage devices, what social engineering technique SHOULD always betaken into consideration?
When considering the disposal of confidential data, equipment and storage devices, what social engineering technique SHOULD always betaken into consideration?A . Spear Phishing.B . Shoulder Surfing.C . Dumpster Diving.D . Tailgating.View AnswerAnswer: A
In a security governance framework, which of the following publications would be at the HIGHEST level?
In a security governance framework, which of the following publications would be at the HIGHEST level?A . Procedures.B . StandardsC . Policy.D . GuidelinesView AnswerAnswer: A
What type of attack could directly affect the confidentiality of an unencrypted VoIP network?
What type of attack could directly affect the confidentiality of an unencrypted VoIP network?A . Packet Sniffing.B . Brute Force Attack.C . Ransomware.D . Vishing AttackView AnswerAnswer: B
What physical security control would be used to broadcast false emanations to mask the presence of true electromagentic emanations from genuine computing equipment?
What physical security control would be used to broadcast false emanations to mask the presence of true electromagentic emanations from genuine computing equipment?A . Faraday cage.B . Unshielded cabling.C . Copper infused windows.D . White noise generation.View AnswerAnswer: B
Data Protection & Privacy.
Data Protection & Privacy.A . 1, 2 and 3B . 3, 4 and 5C . 2, 3 and 4D . 1, 2 and 5View AnswerAnswer: D
Whatis the name of the method used to illicitly target a senior person in an organisation so as to try to coerce them Into taking an unwanted action such as a misdirected high-value payment?
Whatis the name of the method used to illicitly target a senior person in an organisation so as to try to coerce them Into taking an unwanted action such as a misdirected high-value payment?A . Whaling.B . Spear-phishing.C . C-suite spamming.D . Trawling.View AnswerAnswer: B
Which security concept provides redundancy in the event a security control failure or the exploitation of a vulnerability?
Which security concept provides redundancy in the event a security control failure or the exploitation of a vulnerability?A . System Integrity.B . Sandboxing.C . Intrusion Prevention System.D . Defence in depth.View AnswerAnswer: D Explanation: https://en.wikipedia.org/wiki/Defense_in_depth_(computing)
What form of risk assessment is MOST LIKELY to provide objective support for a security Return on Investment case?
What form of risk assessment is MOST LIKELY to provide objective support for a security Return on Investment case?A . ISO/IEC 27001.B . Qualitative.C . CPNE . QuantitativeView AnswerAnswer: D
What Is the PRIMARY reason for organisations obtaining outsourced managed security services?
What Is the PRIMARY reason for organisations obtaining outsourced managed security services?A . Managed security services permit organisations to absolve themselves of responsibility for security.B . Managed security services are a de facto requirement for certification to core security standards such as ISG/IEC 27001C . Managed security services provide access...
What advantage does the delivery of online security training material have over the distribution of printed media?
What advantage does the delivery of online security training material have over the distribution of printed media?A . Updating online material requires a single edit. Printed material needs to be distributed physically.B . Online training material is intrinsically more accurate than printed material.C . Printed material is a 'discoverable record'...