What form of attack against an employee has the MOST impact on their compliance with the organisation's "code of conduct"?
A. Brute Force Attack.
B. Social Engineering.
C. Ransomware.
D. Denial of Service.
Answer: D

Which of the following is a framework and methodology for Enterprise Security Architecture and Service Management?
A. TOGAF
B. SABSA
C. PCI DSS
D. OWASP
Answer: B

Which of the following types of organisation could be considered the MOST at risk from the theft of electronic based credit card data?
A. Online retailer.
B. Traditional market trader.
C. Mail delivery business.
D. Agricultural producer.
Answer: A

Which security concept provides redundancy in the event of a security control failure or the exploitation of a vulnerability?
A. System Integrity.
B. Sandboxing.
C. Intrusion Prevention System.
D. Defence in depth.
Answer: D
Explanation: https://en.wikipedia.org/wiki/Defense_in_depth_(computing)

Preventive.
A. 1, 2 and 4.
B. 1, 2 and 3.
C. 1, 2 and 5.
D. 3, 4 and 5.
Answer: C

Which term describes a vulnerability that is unknown and therefore has no mitigating control which is immediately and generally available?
A. Advanced Persistent Threat.
B. Trojan.
C. Stealthware.
D. Zero-day.
Answer: D
Explanation: https://en.wikipedia.org/wiki/Zero-day_(computing)

Which algorithm is a current specification for the encryption of electronic data established by NIST?
A. RSA.
B. AES.
C. DES.
D. PGP.
Answer: B
Explanation: https://www.nist.gov/publications/advanced-encryption-standard-aes

In software engineering, what does 'Security by Design' mean?
A. Low Level and High Level Security Designs are restricted in distribution.
B. All security software artefacts are subject to a code-checking regime.
C. The software has been designed from its inception to be secure.
D. All code meets the technical requirements...

When calculating the risk associated with a vulnerability being exploited, how is this risk calculated?
A. Risk = Likelihood * Impact.
B. Risk = Likelihood / Impact.
C. Risk = Vulnerability / Threat.
D. Risk = Threat * Likelihood.
Answer: C