Question List
1
After returning from a conference, a user's laptop has been operating slower than normal and overheating, and the fans have been running constantly. During the diagnosis process, an unknown piece of hardware is found connected to the laptop's motherboard. Which of the following attack vectors was exploited to install the hardware?
Removable media
2
Physical access to the organization's servers in the data center requires entry and exit through multiple access points: a lobby, an access control vestibule, three doors leading to the server floor itself and eventually to a caged area solely for the organization's hardware. Which of the following controls is described in this scenario?
Preventive
3
Which of the following control types would be BEST to use in an accounting department to reduce losses from fraudulent transactions?
Detective
4
Which of the following control types is focused primarily on reducing risk before an incident occurs?
Preventive
5
Which of the following control types is patch management classified under?
Corrective
6
A security analyst is tasked with classifying data to be stored on company servers. Which of the following should be classified as proprietary?
Marketing strategies
7
An organization implemented a process that compares the settings currently configured on systems against secure configuration guidelines in order to identify any gaps. Which of the following control types has the organization implemented?
Detective
8
A company is focused on reducing risks from removable media threats. Due to certain primary applications, removable media cannot be entirely prohibited at this time. Which of the following best describes the company's approach?
Mitigating controls
9
Which of the following documents provides expectations at a technical level for quality, availability, and responsibilities?
SLA
10
Which of the following is an example of transference of risk?
Purchasing insurance
11
An organization has decided to purchase an insurance policy because a risk assessment determined that the cost to remediate the risk is greater than the five-year cost of the insurance policy. The organization is enabling risk:
transference
12
A security team is conducting a security review of a hosted data provider. The management team has asked the hosted data provider to share proof that customer data is being appropriately protected. Which of the following would provide the best proof that customer data is being protected?
SOC2
13
Which of the following should be monitored by threat intelligence researchers who search for leaked credentials?
Dark web
14
Which of the following risk management strategies would an organization use to maintain a legacy system with known risks for operational purposes?
Acceptance
15
The Chief Compliance Officer from a bank has approved a background check policy for all new hires. Which of the following is the policy MOST likely protecting against?
Hiring an employee who has been convicted of theft to adhere to industry compliance
16
An IT manager is estimating the mobile device budget for the upcoming year. Over the last five years, the number of devices that were replaced due to loss, damage, or theft steadily increased by 10%. Which of the following would BEST describe the estimated number of devices to be replaced next year?
ARO
17
A security analyst is designing the appropriate controls to limit unauthorized access to a physical site. The analyst has a directive to utilize the lowest possible budget. Which of the following would BEST meet the requirements?
Deterrent controls
18
A routine audit of medical billing claims revealed that several claims were submitted without the subscriber's knowledge. A review of the audit logs for the medical billing company's system indicated a company employee downloaded customer records and adjusted the direct deposit information to a personal bank account. Which of the following does this action describe?
Insider threat
19
Which of the following terms describes a broad range of information that is sensitive to a specific organization?
Proprietary
20
Which of the following would most likely include language prohibiting end users from accessing personal email from a company device?
AUP
21
Which of the following organizations sets frameworks and controls for optimal security configuration on systems?
NIST
22
Two organizations plan to collaborate on the evaluation of new SIEM solutions for their respective companies. A combined effort from both organizations' SOC teams would speed up the effort. Which of the following can be written to document this agreement?
MOU
23
A technician enables full disk encryption on a laptop that will be taken on a business trip. Which of the following does this process BEST protect?
Data at rest
24
The board of doctors at a company contracted with an insurance firm to limit the organization’s liability. Which of the following risk management practices does this BEST describe?
Transference
25
Which of the following is a benefit of including a risk management framework into an organization's security approach?
It incorporates control, development, policy, and management activities into IT operations.
26
A company is auditing the manner in which its European customers' personal information is handled. Which of the following should the company consult?
GDPR
27
Two hospitals merged into a single organization. The privacy officer requested a review of all records to ensure encryption was used during record storage, in compliance with regulations. During the review, the officer discovered that medical diagnosis codes and patient names were left unsecured. Which of the following types of data does this combination BEST represent?
Personal health information
28
An organization recently completed a security control assessment. The organization determined some controls did not meet the existing security measures. Additional mitigations are needed to lessen the risk of the non-compliant controls. Which of the following best describes these mitigations?
Compensating
29
Which of the following is an example of risk avoidance?
Not installing new software to prevent compatibility errors
30
A company policy requires third-party suppliers to self-report data breaches within a specific time frame. Which of the following third-party risk management policies is the company complying with?
SLA
31
Which of the following documents provides guidance regarding the recommended deployment of network security systems from the manufacturer?
Reference architecture
32
A major political party experienced a server breach. The hacker then publicly posted stolen internal communications concerning campaign strategies to give the opposition party an advantage. Which of the following BEST describes these threat actors?
State actors
33
Which of the following should a Chief Information Security Officer consider using to take advantage of industry standard guidelines?
NIST CSF
34
Which of the following measures the average time that equipment will operate before it breaks?
MTBF
35
A company is required to continue using legacy software to support a critical service. Which of the following BEST explains a risk of this practice?
Lack of vendor support
36
Which of the following control types is patch management classified under?
Corrective
37
Which of the following best describes a tool used by an organization to identify, log, and track any potential risks and corresponding risk information?
Risk register
38
Which of the following prevents an employee from seeing a colleague who is visiting an inappropriate website?
AUP
39
A company discovered that terabytes of data have been exfiltrated over the past year after an employee clicked on an email link. The threat continued to evolve and remain undetected until a security analyst noticed an abnormal amount of external connections when the employee was not working. Which of the following is the MOST likely threat actor?
APT
40
The president of a regional bank likes to frequently provide SOC tours to potential investors. Which of the following policies BEST reduces the risk of malicious activity occurring after a tour?
Clean desk
41
Which of the following prevents an employee from seeing a colleague who is visiting an inappropriate website?
AUP
42
Which of the following is a policy that provides a greater depth of knowledge across an organization?
Job Rotation policy
43
Users are presented with a banner upon each login to a workstation. The banner mentions that users are not entitled to any reasonable expectation of privacy and access is for authorized personnel only. In order to proceed past that banner, users must click the OK button. Which of the following is this an example of?
AUP
44
A company's security team received notice of a critical vulnerability affecting a high-profile device within the web infrastructure. The vendor patch was just made available online but has not yet been regression tested in development environments. In the interim, firewall rules were implemented to reduce the access to the interface affected by the vulnerability. Which of the following controls does this scenario describe?
Compensating
45
Which of the following explains why RTO is included in a BIA?
It identifies the amount of allowable downtime for an application or system.
46
After a recent external audit, the compliance team provided a list of several non-compliant, in-scope hosts that were not encrypting cardholder data at rest. Which of the following compliance frameworks would address the compliance team's GREATEST concern?
PCI DSS
47
A security analyst has been tasked with finding the maximum amount of data loss that can occur before ongoing business operations would be impacted. Which of the following terms BEST defines this metric?
RPO
48
An attacker has determined the best way to impact operations is to infiltrate third-party software vendors. Which of the following vectors is being exploited?
Supply chain
49
Which of the following controls is used to make an organization initially aware of a data compromise?
Detective
50
A vulnerability has been discovered and a known patch to address the vulnerability does not exist. Which of the following controls works BEST until a proper fix is released?
Compensating
51
Which of the following control types fixes a previously identified issue and mitigates a risk?
Corrective
52
A company recently set up an e-commerce portal to sell its product online. The company wants to start accepting credit cards for payment, which requires compliance with a security standard. Which of the following standards must the company comply with before accepting credit cards on its e-commerce platform?
PCI DSS
53
A recent audit uncovered a key finding regarding the use of a specific encryption standard in a web application that is used to communicate with business customers. Due to the technical limitations of its customers, the company is unable to upgrade the encryption standard. Which of the following types of controls should be used to reduce the risk created by this scenario?
Compensating
54
A company posts a sign indicating its server room is . Which of the following control types is represented?
Deterrent
55
Which of the following threat actors is MOST likely to be motivated by ideology?
Hacktivist
56
A social media company based in North America is looking to expand into new global markets and needs to maintain compliance with international standards. With which of the following is the company's data protection officer MOST likely concerned?
ISO 27001
57
Which of the following secure coding techniques makes compromised code more difficult for hackers to use?
Obfuscation
58
Which of the following would a security analyst use to determine if other companies in the same sector have seen similar malicious activity against their systems?
Threat feeds
59
A retail executive recently accepted a job with a major competitor. The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts. Which of the following security practices would have addressed the issue?
Offboarding
60
Which of the following describes business units that purchase and implement scripting software without approval from an organization's technology support staff?
Shadow IT
61
A company's Chief Information Officer (CIO) is meeting with the Chief Information Security Officer (CISO) to plan some activities to enhance the skill levels of the company's developers. Which of the following would be MOST suitable for training the developers?
A capture-the-flag competition
62
When selecting a technical solution for identity management, an architect chooses to go from an in-house to a third-party SaaS provider. Which of the following risk management strategies is this an example of?
Transference
63
A preventive control differs from a compensating control in that a preventive control is:
designed to specifically mitigate a risk.
64
A security team discovered a large number of company-issued devices with non-work-related software installed. Which of the following policies would most likely contain language that would prohibit this activity?
AUP
65
An audit identified PII being utilized in the development environment of a critical application. The Chief Privacy Officer (CPO) is adamant that this data must be removed; however, the developers are concerned that without real data they cannot perform functionality tests and search for specific data. Which of the following should a security professional implement to BEST satisfy both the CPO's and the development team's requirements?
Data masking
66
A network administrator has been asked to install an IDS to improve the security posture of an organization. Which of the following control types is an IDS?
Detective
67
A security administrator is setting up a SIEM to help monitor for notable events across the enterprise. Which of the following control types does this BEST represent?
Detective
68
A recent audit uncovered a key finding regarding the use of a specific encryption standard in a web application that is used to communicate with business customers. Due to the technical limitations of its customers, the company is unable to upgrade the encryption standard. Which of the following types of controls should be used to reduce the risk created by this scenario?
Compensating
69
Which of the following is an administrative control that would be MOST effective to reduce the occurrence of malware execution?
Security awareness training
70
Which of the following can be used to calculate the total loss expected per year due to a threat targeting an asset?
SLE x ARO
71
A company has received a "right to be forgotten" request. To legally comply, the company must remove data related to the requester from its systems. Which of the following is the company most likely complying with?
GDPR
72
A financial institution recently joined a bug bounty program to identify security issues in the institution's new public platform. Which of the following best describes who the institution is working with to identify security issues?
Authorized hacker
73
Which of the following control types is focused primarily on reducing risk before an incident occurs?
Preventive
74
Which of the following control types would be BEST to use to identify violations and incidents?
Detective
75
A security officer is tasked with restricting access to a military site. He has a directive to use the lowest possible budget. Which one of the following would be best?
Deterrent
76
A security analyst (or technician) has to implement a control in a cost-effective way (with a low budget) in order to limit unauthorized physical access. Which of the following is best?
Deterrent
77
Which of the following provides a catalog of security and privacy controls related to the United States federal information systems?
NIST 800-53
78
A company's Chief Information Security Officer (CISO) recently warned the security manager that the company's Chief Executive Officer (CEO) is planning to publish a controversial opinion article in a national newspaper, which may result in new cyberattacks. Which of the following would be BEST for the security manager to use in a threat model?
Hacktivists
79
The IT department at a university is concerned about professors placing servers on the university network in an attempt to bypass security controls. Which of the following BEST represents this type of threat?
Shadow IT
80
A public relations team will be taking a group of guests on a tour through the facility of a large e-commerce company. The day before the tour, the company sends out an email to employees to ensure all whiteboards are cleaned and all desks are cleared. The company is MOST likely trying to protect against which of the following?
Loss of proprietary information (clean desk policy)
81
Which of the following refers to applications and systems that are used within an organization without consent or approval?
Shadow IT
82
A Chief Executive Officer's (CEO) personal information was stolen in a social engineering attack. Which of the following sources would reveal if the CEO's personal information is for sale?
The dark web
83
An organization just experienced a major cyberattack incident. The attack was well coordinated, sophisticated, and highly skilled. Which of the following targeted the organization?
An advanced persistent threat
84
A security analyst is concerned about traffic initiated to the dark web from the corporate LAN. Which of the following networks should the analyst monitor?
TOR
85
The database administration team is requesting guidance for a secure solution that will ensure confidentiality of cardholder data at rest only in certain fields in the database schema. The requirement is to substitute a sensitive data field with a non-sensitive field that is rendered useless if a data breach occurs. Which of the following is the BEST solution to meet the requirement?
Tokenization
86
A security monitoring company offers a service that alerts its customers if their credit cards have been stolen. Which of the following is the MOST likely source of this information?
The dark web
87
Which of the following should be monitored by threat intelligence researchers who search for leaked credentials?
Dark web
88
A security practitioner is performing due diligence on a vendor that is being considered for cloud services. Which of the following should the practitioner consult for the best insight into the current security posture of the vendor?
SOC 2 report
89
A security analyst needs to find real-time data on the latest malware and IoCs. Which of the following best describes the solution the analyst should pursue?
Threat feeds
90
A company recently set up an e-commerce portal to sell its product online. The company wants to start accepting credit cards for payment, which requires compliance with a security standard. Which of the following standards must the company comply with before accepting credit cards on its e-commerce platform?
PCI DSS
91
Which of the following would be BEST for a technician to review to determine the total risk an organization can bear when assessing a "cloud-first" adoption strategy?
Risk appetite
92
A multinational organization that offers web-based services has datacenters that are located only in the United States; however, a large number of its customers are in Australia, Europe, and China. Payments for services are managed by a third party in the United Kingdom that specializes in payment gateways. The management team is concerned the organization is not compliant with privacy laws that cover some of its customers. Which of the following frameworks should the management team follow?
General Data Protection Regulation
93
After consulting with the Chief Risk Officer (CRO), a manager decides to acquire cybersecurity insurance for the company. Which of the following risk management strategies is the manager adopting?
Risk transference
94
Which of the following serves to warn users against downloading and installing pirated software on company devices?
AUP (Acceptable Use Policy)
95
In which of the following risk management strategies would cybersecurity insurance be used?
Transference
96
Which of the following are requirements that must be configured for PCI DSS compliance? (Select TWO)
A. Testing security systems and processes regularly
B. Installing and maintaining a web proxy to protect cardholder data
C. Assigning a unique ID to each person with computer access
D. Encrypting transmission of cardholder data across private networks
E. Benchmarking security awareness training for contractors
F. Using vendor-supplied default passwords for system passwords
Testing security systems and processes regularly, Assigning a unique ID to each person with computer access
97
When selecting a technical solution for identity management, an architect chooses to go from an in-house to a third-party SaaS provider. Which of the following risk management strategies is this an example of?
Transference
98
Which of the following is the MOST likely motivation for a script kiddie threat actor?
Notoriety
99
Which of the following scenarios BEST describes a risk reduction technique?
A security control objective cannot be met through a technical change, so the company implements a policy to train users on a more secure method of operation.
100
Which of the following is the purpose of a risk register?
To identify the risk, the risk owner, and the risk measures