SY0-701 Practice Quiz

Question 29. An online banking website employs a system that automatically logs out users after 10 minutes of inactivity to ensure that if a user forgets to log out, no one else can alter the user’s banking details. Which principle of the CIA triad is the banking website MOST directly addressing?

A. Confidentiality
B. Availability
C. Authentication
D. Integrity

Answer: D. Integrity. The integrity

Question 34. To discourage potential cybercriminals from targeting their online storefront, an e-commerce company is considering various security measures. Which of the following would act MOST effectively as a deterrent control?

A. Displaying a seal for third-party security certifications on the website
B. Using a Web Application Firewall (WAF)
C. Conducting monthly vulnerability assessments
D. Storing customer data in encrypted databases

Answer: A. Displaying a seal for

Question 39. GreenValley Mall, located in a busy urban area, has recently faced security concerns due to the proximity of its main entrance to a major road. Which physical security enhancement can the mall management implement to create a protective barrier between the road and the entrance, ensuring pedestrian safety and preventing unauthorized vehicular access?

A. Reinforced Walls
B. Metal Detectors
C. Bollards
D. Perimeter Fencing

Answer: C. Bollards. Bollards are

Question 42. A multinational organization recently experienced a significant security breach. After investigating, it was determined that a change to the network infrastructure was made without undergoing the standard approval process. As a result, there was a misconfiguration which allowed unauthorized access. What security principle related to change management did the organization neglect?

A. Configuration baseline reviews
B. Least privilege enforcement Explanation 42. Correct Answer: C. Approval process adherence. The approval process is a critical aspect of change management. Before any changes are made, especially to critical systems like network infrastructure, they need to undergo a rigorous approval process. This ensures that multiple experts evaluate the change for potential vulnerabilities or issues. In this scenario, skipping the approval process led to a significant security breach. Question 43. After a series of cyber-attacks on a company’s infrastructure, the IT team decided to deploy a solution that would seem like a legitimate part of their network but is intentionally isolated and monitored. They intend to detect and analyze malicious activities in this isolated environment. What technology are they most likely implementing? (A) Network segmentation (B) Honeypot
C. DMZ (Demilitarized Zone)
D. Sandboxing

Answer: B. Honeypot. A honeypot is

Question 51. BioGen Inc., a biotechnology company, has implemented a layered security approach. They are considering adding a human element to their security measures for their research labs. Which of the following would best provide the ability to evaluate and respond to various security situations with human judgment?

A. Installing biometric locks
B. Employing security guards
C. Implementing an access control vestibule
D. Deploying AI-driven security cameras

Answer: B. Employing security

Question 55. While setting up a new internal web application, Laura, a system administrator, decides to use a digital certificate for SSL/TLS encryption. Due to budget constraints, she can’t procure a certificate from a commercial Certificate Authority (CA). Which of the following would be a viable option for Laura to secure the application?

A. Rely on plaintext HTTP for the application
B. Obtain a certificate from a free Certificate Authority
C. Generate a self-signed certificate
D. Use a shared certificate from another application

Answer: C. Generate a self-signed

Question 58. A financial institution processes thousands of credit card transactions daily. To ensure the security and integrity of these transactions, the security officer wants to employ a solution that will safely manage and store cryptographic keys. Which of the following would be the MOST suitable solution?

A. Trusted Platform Module (TPM)
B. Full Disk Encryption (FDE)
C. Hardware Security Module (HSM)
D. Software Key Repository

Answer: C. Hardware Security

Question 60. A company is developing a new video conferencing tool. They want to make sure that all video and audio data transmitted between participants are encrypted and protected from eavesdropping. Which type of encryption should the developers implement to achieve this?

A. Endpoint Encryption
B. Transport-layer Encryption
C. Volume-level Encryption
D. Database-level EncryptionAccess Control

Answer: B. Transport-layer

Question 67. Sarah is working on a project where she needs to validate the integrity and authenticity of assets over time, without a centralized authority. Which technology would be most appropriate for this use case?

A. Digital signature
B. Key escrow
C. Blockchain
D. Key management system

Answer: C. Blockchain. Blockchain

Question 68. A graphic design company frequently works with large files such as videos and high-resolution images. These files are stored on a dedicated storage volume in their server. While they need to secure this data, they don’t want to encrypt individual files due to the volume of data and frequent access needs. Which encryption approach is most appropriate for this scenario?

A. File-level Encryption
B. Full-disk Encryption
C. Transport-layer Encryption
D. Volume-level Encryption

Answer: D. Volume-level

Question 72. A security administrator needs to apply a configuration change to a critical service, requiring a service restart. Before initiating the restart, which of the following steps is MOST important to ensure continuous service availability?

A. Implement automatic service restart on failure
B. Announce the restart to all company employees
C. Schedule the restart during off-peak hours
D. Take a backup of the current service configuration

Answer: A. Implement automatic

Question 77. An online retailer is considering various methods to protect its customers’ credit card information. Instead of storing the actual credit card numbers in their database, they opt for a solution that replaces the numbers with unrelated, random values. What is this method called?

A. Symmetric encryption
B. Digital watermarking
C. Hashing
D. Tokenization

Answer: D. Tokenization.

Question 85. A large e-commerce company is deploying a new online payment system. The Chief Information Security Officer (CISO) is concerned about the security of cryptographic keys and wants to ensure they are protected from potential theft or compromise. Which tool should the CISO implement to provide the HIGHEST level of security for these keys?

A. Password vault
B. Software-based key storage
C. Hardware Security Module (HSM)
D. Cloud-based encryption service

Answer: C. Hardware Security

Question 87. A financial institution is looking to adopt an encryption algorithm for its transactions that is considered to be very secure due to its longer key length, compared to older standards. Which encryption algorithm best fits this description?

A. DES
B. Blowfish
C. RSA
D. AES-256

Answer: D. AES-256. AES-256, part

Question 88. Alice receives an email from Bob with an attached document. She wants to verify both the authenticity of the sender and the integrity of the attached document. Which of the following should Bob have used before sending the email?

A. Encrypt the document with his private key
B. Hash the document
C. Encrypt the document with Alice's public key
D. Sign the document with his private key

Answer: D. Sign the document with

Question 92. A user wants to send a confidential email to their colleague and ensure that only the intended recipient can read it. The user also wants to provide assurance to the recipient that the email was indeed sent by them. Which encryption method should the user employ to accomplish this?

A. Use symmetric encryption with a shared key
B. Use asymmetric encryption and encrypt the email with the recipient's public key
C. Use asymmetric encryption, encrypt the email with the user's private key
D. Use asymmetric encryption, first sign the email with the user's private key, then encrypt it with the recipient's public key

Answer: D. Use asymmetric

Question 93. A user, Amy, wants to securely send a confidential document to her colleague, Bob. Amy decides to encrypt the document to ensure its confidentiality. Which of the following should Amy use to encrypt the document, ensuring only Bob can decrypt it?

A. Amy's private key
B. Amy's public key
C. Bob's private key
D. Bob's public key

Answer: D. Bob’s public key. In

Question 98. A company is looking for a cryptographic solution that provides an immutable and transparent record of all transactions in a distributed ledger system. Which of the following would BEST meet this requirement?

A. Symmetric key algorithm
B. Public key infrastructure
C. Blockchain
D. Digital watermark

Answer: C. Blockchain. Blockchain

Question 102. A financial institution plans to provide access to its database for third-party developers to create new applications. However, they want to ensure that the developers do not see the actual data but instead work with a disguised version that retains the data’s original structure. What technique is the financial institution considering?

A. Tokenization
B. Data masking
C. Encryption
D. Digital watermarking

Answer: B. Data masking. Data

Question 116. Mike, a network administrator, notices an unauthorized device connected directly to the company’s main network switch in the server room. This device is attempting to capture network traffic. What kind of attack is this unauthorized device likely conducting?

A. Rogue access point
B. VLAN hopping
C. Port mirroring
D. ARP poisoning

Answer: C. Port mirroring. Port

Question 120. Jane, an accountant in a multinational corporation, received an email from what seemed to be the company’s IT department. The email had the company’s logo, colors, and font and urged Jane to click on a link to reset her password due to “suspicious activity.” However, upon close inspection, Jane noticed a minor spelling error in the domain name of the sender’s email address. What type of attack does this scenario describe?

A. Spear Phishing
B. Vishing
C. Baiting
D. Brand Impersonation

Answer: D. Brand Impersonation.

Question 137. Lucy, a security analyst, is informed that several employees have been receiving unauthorized file transfer requests via Bluetooth when they are in the company’s cafeteria. Which of the following attacks is MOST likely being attempted?

A. Bluejacking
B. ARP poisoning
C. Bluesnarfing
D. Evil Twin

Answer: A. Bluejacking.

Question 141. A company detected a DDoS attack that lasted for several weeks. The attackers used a botnet of millions of infected devices and frequently rotated attack vectors to bypass mitigation efforts. This prolonged and resource-intensive attack suggests which kind of threat actor’s resources and funding?

A. Amateur hacker with minimal resources
B. Cybersecurity researcher testing vulnerabilities
C. Nation-state actor with strategic interests
D. Organized crime syndicate with substantial funding

Answer: D. Organized crime

Question 145. During an e-commerce website audit, a security analyst discovers that if a user tries to purchase a product and simultaneously cancels the order, the product sometimes gets added to the user’s cart without deducting any funds. This vulnerability can potentially be exploited to obtain products for free. Which vulnerability type is the e-commerce website susceptible to?

A. Directory Traversal
B. Insecure Direct Object References (IDOR)
C. Race Condition
D. Cross-Site Request Forgery (CSRF)

Answer: C. Race Condition. When

Question 148. Jane, a security analyst, receives a report about network slowdowns happening at specific times of the day. After investigating, she discovers that a device is flooding the network with traffic, causing legitimate requests to be dropped. Which type of attack is this device likely performing?

A. Distributed Denial of Service (DDoS)
B. ARP poisoning
C. MAC flooding
D. DNS amplification

Answer: C. MAC flooding. MAC

Question 149. A software development team in a large corporation decided to use an unauthorized cloud-based tool to host and manage their source code. The team believed it would increase their productivity, even though it was not approved by the IT department. A few weeks later, unauthorized access to their project data was detected. Which threat actor concept BEST describes the situation?

A. Insider threat
B. Hacktivist
C. Shadow IT
D. Organized crime syndicate

Answer: C. Shadow IT. Shadow IT

Question 155. The finance department of a global corporation found a series of unauthorized transactions originating from an employee’s workstation. Investigations revealed that the employee had been bypassing company policies to make unauthorized investments using company funds. Based on the attributes of the actor, how can this threat actor be best categorized?

A. External actor leveraging malware
B. External actor exploiting vulnerabilities
C. Internal actor with direct access
D. Internal actor with indirect access

Answer: C. Internal actor with

Question 156. While conducting a security assessment, Lucy found that a specific application crashes when she inputs a string that is much longer than what the input field is designed to handle. This could potentially allow her to execute arbitrary code in the application’s context. What vulnerability is Lucy likely trying to exploit?

A. SQL Injection
B. Cross-Site Scripting (XSS)
C. Buffer Overflow
D. Directory Traversal

Answer: C. Buffer Overflow.

Question 164. Jake recently ran an old game on his computer that he received from a friend. Shortly after, he discovered that some of his documents were duplicated with slight modifications, and his system’s performance was deteriorating. Which kind of malware most likely caused these issues?

A. Adware
B. Trojan
C. Worm
D. Virus

Answer: D. Virus. Viruses are

Question 165. The IT department of an e-commerce company is configuring access controls for a new online product inventory system. They want the sales team to update the inventory levels and product details but don’t want them to access financial data stored in the same system. Which access control principle is the IT department applying?

A. Least Privilege
B. Role-Based Access Control (RBAC)
C. Mandatory Access Control (MAC)
D. User-Based Access Control (UBAC)

Answer: B. Role-Based Access

Question 170. A company is developing a new web application that will be processing highly sensitive user data. They want to ensure that if the web server is compromised, attackers cannot directly access the database or other critical infrastructure. Which of the following is the BEST strategy to achieve this objective?

A. Use strong authentication methods for the web application
B. Encrypt the user data at rest and in transit
C. Place the web server and the database server in separate network segments
D. Implement real-time monitoring of the web server

Answer: C. Place the web server

Question 172. The IT department of a large organization receives reports from employees that they are unable to access certain resources on the network. Upon investigation, the IT department discovers that the Access Control List (ACL) settings have been recently modified. Which of the following would be the PRIMARY reason to review and modify the ACL settings?

A. To balance the network load
B. To update the organization's firewall rules.
C. To ensure appropriate access rights to resources
D. To update the organization's password policy

Answer: C. To ensure appropriate

Question 174. During a routine security audit, a company discovered an unauthorized wireless access point using the same SSID as the company’s official wireless network. Additionally, this rogue access point was configured without any encryption. What type of wireless attack is this scenario most indicative of?

A. War Driving
B. Wireless Phishing
C. Bluejacking
D. Evil Twin

Answer: D. Evil Twin. An “Evil

Question 176. A security analyst discovers that an external IP address has been repeatedly trying every possible combination of characters to gain access to the company’s VPN portal for the past two days. Which type of password attack is this MOST likely describing?

A. Password Spraying
B. Dictionary Attack
C. Rainbow Table Attack
D. Brute Force Attack

Answer: D. Brute Force Attack. A

Question 178. A software developer at XYZ Corp included a piece of code in the company’s software that would corrupt the application’s databases if his name was ever removed from the list of contributors in the application credits. Months after he left the company, the application databases were corrupted after an update. What type of malware was responsible for this action?

A. Trojan
B. Spyware
C. Adware
D. Logic bomb

Answer: D. Logic bomb. A logic

Question 179. A popular online shopping platform noticed that some product reviews contained a strange link which, when clicked, led users to a site that resembled the platform but harvested login credentials. What vulnerability in the review system might have allowed attackers to post such links?

A. Session Hijacking
B. Cross-site scripting (XSS)
C. Password Spraying
D. Credential Stuffing

Answer: B. Cross-site scripting

Question 186. During a security audit, a company realized that a malicious actor was able to situate themselves on the network path, capturing TLS handshake messages between clients and the server. The attacker’s goal is to weaken the encryption by influencing the cipher suite negotiation process. What type of network attack does this scenario depict?

A. ARP Poisoning
B. Downgrade Attack
C. SYN Flood
D. Ping of Death

Answer: B. Downgrade Attack. A

Question 187. A developer has implemented a new feature on a company’s website that allows users to search for products by their names. Within a few days, the IT team noticed abnormal activities where entire tables from the database were being dumped. Which vulnerability might the new feature have introduced?

A. Cross-Site Scripting (XSS)
B. Distributed Denial-of-Service (DDoS)
C. Structured Query Language injection (SQLi)
D. Cross-Site Request Forgery (CSRF)

Answer: C. Structured Query

Question 192. A user reports that whenever they try to visit their online banking website, they are redirected to a website that looks identical but has a slightly different URL. The fake website asks for additional personal details that the bank never requested before. Which type of DNS attack is the user likely encountering?

A. DNS Tunneling
B. DNS Fast Flux
C. DNS Cache Poisoning
D. Domain Hijacking

Answer: C. DNS Cache Poisoning.

Question 196. A large news website was rendered unavailable during a major news event. Network logs show an overwhelming amount of traffic from IoT devices. Which type of DDoS attack leveraged IoT devices is this indicative of?

A. Reflected Attack
B. Botnet Attack
C. Amplification Attack
D. Teardrop Attack

Answer: B. Botnet Attack. Botnets,

Question 200. While reviewing web server logs, Sarah, a security analyst, notices a pattern of requests containing “.. %2F..” in the URLs. She suspects this might be an attempt to exploit a vulnerability. Which type of application attack is likely being attempted?

A. Command Injection
B. Cross-Site Scripting (XSS)
C. Directory Traversal
D. Cross-Site Request Forgery (CSRF)

Answer: C. Directory Traversal.

Question 201. A security analyst is reviewing network logs and notices that an attacker positioned in between the user and the target website is intercepting and potentially modifying the user’s communications before passing them on to the intended destination. This malicious activity occurs transparently, with neither the user nor the target website being aware. What type of network attack is being described?

A. Replay Attack
B. Smurf Attack
C. On-path Attack
D. Spoofing Attack

Answer: C. On-path Attack. An

Question 207. During an organization’s security review, the cybersecurity analyst noticed that there were multiple failed login attempts for different user accounts, each with a few commonly used passwords. What type of password attack does this scenario BEST describe?

A. Brute Force Attack
B. Dictionary Attack
C. Credential Stuffing
D. Password Spraying

Answer: D. Password Spraying.

Question 211. An organization is choosing a hash function for digital signatures. They want to ensure that it is resistant to scenarios where an attacker might produce two different messages having the same hash. Which type of attack are they trying to defend against?

A. Side-channel Attack
B. Replay Attack
C. Birthday Attack
D. Ciphertext-only Attack

Answer: C. Birthday Attack. In a

Question 214. Ella, a security analyst, is reviewing the logs of a web application and notices that an attacker attempted to use the following input in a login form: ' OR '1'='1' --. This input was used in an effort to manipulate the application’s backend database. What type of injection attack is this an example of?

A. XML Injection
B. Command Injection
C. SQL Injection
D. LDAP Injection

Answer: C. SQL Injection. The

Question 217. A security auditor found that a website’s login form returns detailed error messages like “Incorrect column name” or “Table not found.” Which type of vulnerability could attackers potentially exploit using this information?

A. Brute Force Attack
B. Structured Query Language injection (SQLi)
C. Man-in-the-Middle Attack
D. Session Hijacking

Answer: B. Structured Query

Question 222. A rapidly growing e-commerce company has recently experienced an increase in cross-site scripting (XSS) and SQL injection attacks. The company wants to deploy a solution that specifically protects against these threats at the application layer. Which type of firewall would be most appropriate?

A. Stateful Packet Inspection Firewall
B. Proxy Firewall
C. Network Layer Firewall
D. Web Application Firewall (WAF)

Answer: D. Web Application

Question 225. The software development team at ABC Corp. has created a unique application that utilizes innovative algorithms. The company wants to ensure that competitors cannot legally copy or replicate their application’s functionality. Which of the following would be the MOST suitable method to protect this intellectual property?

A. Copyright the user interface design
B. Apply for a patent for the innovative algorithms
C. Store the application code in an encrypted vault
D. Ensure all users sign an acceptable use policy (AUP)

Answer: B. Apply for a patent for

Question 228. In a microservices architecture, each service should be designed with a specific principle to ensure it performs a specific task and interacts with other services through well-defined interfaces. What principle is this referring to?

A. Principle of Least Privilege
B. Single Responsibility Principle
C. Open-Closed Principle
D. Zero Trust Model

Answer: B. Single Responsibility

Question 229. An organization that processes classified information is implementing a network infrastructure to ensure the highest level of data security. The CISO recommends using a network configuration that ensures the system remains completely disconnected from unsecured networks and any external connections. Which of the following describes this type of configuration?

A. DMZ (Demilitarized Zone)
B. VPN (Virtual Private Network)
C. VLAN (Virtual Local Area Network)
D. Air-gapped network

Answer: D. Air-gapped network.

Question 234. A smart city project is deploying various IoT sensors across the city to gather data on traffic patterns, weather, pollution levels, and more. Which of the following is the MOST critical security consideration when deploying these sensors?

A. Ensuring high data transfer speeds to cater to the volume of data from the IoT sensors
B. Limiting the IoT devices to communicate only with specific, pre-defined servers
C. Installing physical locks on IoT devices to prevent theft
D. Allowing IoT devices to connect to any available network for data redundancy

Answer: B. Limiting the IoT

Question 239. In a cloud environment, which of the following matrices defines the shared responsibilities between the cloud provider and the customer for specific cloud service models?

A. Shared Accountability Matrix
B. Cloud Resource Allocation Table
C. Cloud Security Posture Matrix
D. Cloud Responsibility Matrix

Answer: D. Cloud Responsibility

Question 240. A financial organization collects and stores personally identifiable information (PII) of its customers. The company operates within jurisdictions that have strict regulations concerning the storage, transmission, and processing of such data. Which of the following strategies would be MOST appropriate for the company to ensure compliance with these regulations?

A. Use open source encryption algorithms without validation
B. Only store customer data in physical, on-site servers
C. Implement data classification and labeling procedures
D. Limit the number of administrators with access to the Data

Answer: C. Implement data

Question 249. A medium-sized e-commerce company recently experienced a data breach due to an external attack. Postincident analysis revealed that while there were indications of the attack in their network traffic, no alarms were raised at the time of the attack. The company now wants to implement a solution to actively monitor and take action against malicious network traffic. Which of the following should they deploy?

A. Intrusion Detection System (IDS)
B. Network Access Control (NAC)
C. Proxy server
D. Intrusion Prevention System (IPS)

Answer: D. Intrusion Prevention

Question 272. An online payment gateway is evaluating methods to enhance the security of its payment processing system. They want a solution that replaces sensitive cardholder data with a unique identifier that has no intrinsic value by itself. Which method should they implement?

A. Hashing the card data
B. Encrypting the card data
C. Masking the card data
D. Tokenizing the card data

Answer: D. Tokenizing the card

Question 291. An international bank is setting up a new online portal for its customers to access their financial statements. Which measure should the bank implement to ensure that financial data in transit between the customer’s browser and the bank’s servers is kept confidential?

A. Use file-level encryption for all financial statements
B. Implement a Web Application Firewall (WAF)
C. Use Secure Sockets Layer (SSL) or Transport Layer Security (TLS) for the portal
D. Store all financial data in an encrypted database

Answer: C. Use Secure Sockets

Question 294. A financial institution is updating its infrastructure to ensure that customer financial data is kept secure from both internal and external threats. Which of the following would be the MOST effective measure to protect customer financial data from being accessed by unauthorized internal users?

A. Deploying perimeter firewalls around the institution's network
B. Implementing two-factor authentication (2FA) for all customer accounts
C. Enforcing strict access controls based on the principle of least privilege
D. Conducting yearly cybersecurity awareness training for all employees

Answer: C. Enforcing strict access

Question 305. SecureNet Inc. recently upgraded their security infrastructure. To validate how the new system would respond in real-world scenarios without exposing it to actual risks, they decide to imitate certain cyber threats in a controlled environment. Which type of test is SecureNet Inc. planning to conduct?

A. Penetration Testing
B. Simulation Testing
C. Vulnerability Assessment
D. Failover Testing.

Answer: B. Simulation Testing.

Question 309. A tech startup is developing a mobile application that offers exclusive content only to users within a specific country due to licensing agreements. Which method should the startup use to ensure that only users within that country can access the content?

A. Integrate a time-based one-time password (TOTP) system
B. Use geolocation-based access controls
C. Enable biometric authentication
D. Implement IP whitelisting

Answer: B. Use geolocation-based

Question 310. MetroTech recently experienced an incident where an employee mistakenly deleted a portion of their database. The IT team was able to restore the data using a backup snapshot taken 24 hours prior. However, some data loss still occurred. Which of the following recommendations would minimize data loss in a similar situation in the future?

A. Configure backup snapshots to be taken on a weekly basis
B. Employ a differential backup solution in addition to snapshots
C. Increase the storage capacity for backups
D. Use an hourly snapshot backup schedule

Answer: D. Use an hourly

Question 313. After a series of cyberattacks, BetaTech, a financial institution, decided to standardize the configurations across its entire server fleet. They’ve established a secure baseline configuration for their servers. What should be the NEXT step in ensuring the servers conform to this new baseline?

A. Frequently conduct vulnerability scanning on all servers
B. Introduce biometric authentication for server access
C. Deploy the secure baseline across all servers
D. Monitor network traffic to detect anomalies

Answer: C. Deploy the secure

Question 316. A large e-commerce company wants to ensure that their newly developed application is free from any code vulnerabilities before it is deployed to the production environment. They want to catch any software flaws, especially those that might lead to potential security risks. Which of the following methodologies should they employ?

A. Runtime application self-protection (RASP)
B. Penetration testing on the live application
C. Static code analysis
D. User acceptance testing (UAT)

Answer: C. Static code analysis.

Question 319. DeltaSoft has released a new web application. The security team is tasked with observing the application’s behavior and responses when it is running to identify potential vulnerabilities. Which method is most appropriate for this purpose?

A. Static Analysis
B. Fuzz Testing
C. Whitebox Testing
D. Dynamic Analysis

Answer: D. Dynamic Analysis.

Question 322. ClearView Industries wants to give their employees the flexibility to choose their own devices for work while retaining control over the device configurations and applications. Which deployment model would be the MOST appropriate for ClearView’s objectives?

A. Bring Your Own Device (BYOD)
B. Choose Your Own Device (CYOD)
C. Corporate-owned, Personally Enabled (COPE)
D. Fixed Device Deployment (FDD)

Answer: B. Choose Your Own

Question 325. A university is looking to revamp its wireless network to provide secure access for students and faculty. The IT department wants an authentication method that leverages a centralized server to validate user credentials and can integrate with their existing directory service. Which authentication protocol should they consider?

A. Pre-shared Key (PSK)
B. Lightweight Extensible Authentication Protocol (LEAP)
C. Extensible Authentication Protocol-Transport Layer Security (EAP-TLS)
D. Shared Secret Challenge

Answer: C. Extensible

Question 326. TechHive Corp. is planning to sell some of its old servers. Before selling, they want to ensure that no retrievable personal or business data remains on the hard drives. Which of the following methods should TechHive use to ensure the drives are clean and the data cannot be recovered?

A. Simple Format
B. Magnetic Wiping
C. Physical Destruction
D. Standard Defragmentation

Answer: B. Magnetic Wiping.

Question 333. After running a vulnerability scan on the company’s infrastructure, a security analyst notices a reported vulnerability on a server. However, after manual verification, the analyst determines that the vulnerability doesn’t actually exist on the server. What is this situation best described as?

A. A false negative
B. A true positive
C. A false positive
D. A confirmation bias

Answer: C. A false positive. A false

Question 335. A security analyst is reviewing a vulnerability report and sees a reference to CVE-2023-12345 with a CVSS score of 9.5. Which of the following conclusions can the analyst draw based on this information?

A. The vulnerability was first identified in the year 2023
B. The vulnerability is of low severity
C. The vulnerability affects only software produced in 2023
D. CVE-2023-12345 is the software vendor's internal code for the vulnerability Question 335. A security analyst is reviewing a vulnerability report and sees a reference to CVE-2023-12345 with a CVSS 528 score of 9.5. Which of the following conclusions can the analyst draw based on this information? (A) The vulnerability was first identified in the year 2023 (B) The vulnerability is of low severity (C) The vulnerability affects only software produced in 2023 (D) CVE-2023-12345 is the software vendor's internal code for the vulnerability Question 337. ABC Corp recently adopted a Bring Your Own Device (BYOD) policy. The IT department is concerned about the potential risks associated with personal devices accessing the corporate network. Which of the following solutions would be MOST effective for enforcing security policies on these personal mobile devices? (A) Installing antivirus software on each device (B) Establishing a separate guest Wi-Fi network for mobile devices (C) Using Mobile Device Management (MDM) to enforce security policies (D) Mandating that employees use strong passwords on their personal devices

Answer: C. Using Mobile Device

Question 339. A security team recently upgraded their intrusion detection system (IDS). Since the upgrade, the system hasn’t flagged any intrusions, even though intrusion attempts are a regular occurrence. What is this situation best characterized as?

A. A true negative
B. A false negative
C. A true positive
D. A confirmation feedback

Answer: B. A false negative. A

Question 348. A medium-sized enterprise is concerned about the security of its office workstations after a series of malware infections. As a security analyst, which of the following recommendations would BEST improve the security baseline of the workstations?

A. Install multiple antivirus solutions to ensure maximum detection
B. Set up screensavers with cyber hygiene tips to educate users
C. Disable unnecessary services and ports on the workstations
D. Frequently change the desktop wallpaper to prevent Monotony

Answer: C. Disable unnecessary

Question 351. While analyzing a vulnerability in a company’s web application, the security team refers to a specific CVE to understand the vulnerability’s details. They further assess its CVSS score to decide on the remediation urgency. Which of the following best describes the purpose of the CVE and CVSS in this context?

A. CVE provides a severity score, while CVSS gives a unique identifier for the vulnerability
B. CVE and CVSS both offer a scoring mechanism to rank vulnerabilities
C. CVE provides a unique identifier, while CVSS offers a standardized severity score
D. CVE and CVSS are regulatory requirements for all software applications

Answer: C. CVE provides a

Question 353. As part of the company’s vulnerability management initiative, the security team has decided to conduct a series of penetration tests. Which of the following is the PRIMARY reason for incorporating penetration testing as a threat identification method?

A. To ensure compliance with regulatory requirements
B. To validate the efficiency of security awareness training
C. To actively exploit vulnerabilities and assess potential impact
D. To identify misconfigurations in the SIEM system

Answer: C. To actively exploit

Question 367. A marketing team is collaborating on a new campaign and requires access to a shared folder. However, they shouldn’t be able to modify files created by others. How should permissions be set on this shared folder?

A. Assign the marketing team full control
B. Allow the marketing team read-only access
C. Assign the marketing team write-only access
D. Assign the marketing team modify permission but deny the delete permission

Answer: D. Assign the marketing

Question 369. Globex Industries is expanding its data centers across multiple geographic locations. The IT team wants to have a centralized system to get real-time status, outages, and metrics of all data center infrastructures. Which of the following solutions would be the MOST effective for this purpose?

A. Data Loss Prevention (DLP) tools
B. Distributed Denial of Service (DDoS) protection
C. Security Information and Event Management (SIEM)
D. Infrastructure Management Platform (IMP)

Answer: D. Infrastructure

Question 372. Lisa, a security administrator, is using a popular benchmark to ensure the web servers in her organization are configured securely. She wants to make sure that unnecessary services are disabled, and appropriate permissions are set. Which of the following organizations is MOST likely the source of the benchmark she is using?

A. PCI DSS
B. OWASP
C. CIS
D. GDPR

Answer: C. CIS. The Center for

Question 373. The IT department at TechCorp Ltd has been instructed to ensure that critical system files remain unchanged to avoid potential security breaches. They want to implement a system that can provide alerts whenever there is an unauthorized change to these files. Which of the following would best serve this purpose?

A. Data Loss Prevention (DLP)
B. Intrusion Detection System (IDS)
C. File Integrity Monitoring (FIM)
D. Remote Monitoring and Management (RMM)

Answer: C. File Integrity

Question 374. ABC Tech has a mixed environment with both Linux and Windows servers. They want to ensure that processes running on their Linux servers only have access to specific resources and are restricted from performing certain actions. Which of the following tools would be most appropriate for this task?

A. Use Group Policy on their Windows servers and apply it to Linux servers
B. Implement a strict user training regimen to inform users about security best practices
C. Enable Security-Enhanced Linux (SELinux) in enforcing mode
D. Limit user access to Linux servers

Answer: C. Enable Security-

Question 379. A large financial institution recently experienced a security breach where an attacker was able to bypass its intrusion detection system (IDS). Upon investigation, the security team found out that the attacker utilized a zero-day exploit. In the aftermath, what should the institution do to enhance the capability of its IDS?

A. Switch from a signature-based IDS to a behavior-based IDS
B. Disable the IDS and rely solely on firewall rules
C. Update the IDS with the latest threat intelligence feeds and signatures
D. Reduce the frequency of IDS signature updates

Answer: A. Switch from a

Question 384. A financial firm has just experienced a cyber attack, and the IT team identified a piece of malware that evaded their traditional antivirus solutions. The CISO now wants to not only detect but also be able to analyze and respond to such advanced threats in real-time. Which solution should the firm consider implementing?

A. Vulnerability Scanner
B. Intrusion Prevention System (IPS)
C. Endpoint Detection and Response (EDR)
D. Patch Management System

Answer: C. Endpoint Detection

Question 389. A global manufacturing company wants to ensure its employees worldwide do not access websites promoting hate speech, gambling, or explicit content during working hours. To meet this requirement, which web filtering technique would be the most efficient?

A. Deploy a centralized proxy with location-based filtering
B. Use a blacklist of specific URLs known to contain such content
C. Implement content categorization and block undesired categories
D. Monitor internet usage logs and reprimand violators

Answer: C. Implement content

Question 406. An e-commerce company is rolling out a new web application to facilitate online payments. The IT department wants to be immediately notified of any application errors or unauthorized modifications to the application’s codebase. Which of the following tools should they implement?

A. Web Application Firewall (WAF)
B. Application Performance Monitoring (APM)
C. Domain Name System (DNS) monitoring tool
D. Network flow analyzer

Answer: B. Application

Question 407. Paul, a network administrator, has configured various networking devices in his organization to send alerts in the event of specific failures. After a switch experienced a power supply failure, Paul received an immediate notification. Which of the following did Paul most likely utilize to receive this notification?

A. Syslog server
B. Simple Network Management Protocol (SNMP) traps
C. Packet sniffer
D. Firewall logs

Answer: B. Simple Network

Question 408. DeltaCorp, a retail company, has assessed that a security breach might result in a loss of $1 million in sales. The company has determined that they can tolerate a loss of up to $500,000, but anything beyond that would severely impact operations. To cover the potential financial loss beyond their tolerance level, they decide to purchase cybersecurity insurance. Which of the following terms best describes the $500,000 figure?

A. Risk appetite
B. Risk threshold
C. Risk capacity
D. Risk assessment

Answer: B. Risk threshold. The

Question 410. After a recent security incident, Sarah, a network security analyst, wants to analyze the flow data of network traffic to identify patterns and potential threats. She wants to collect metadata about IP traffic flow and gather details like IP addresses, ports, and protocols used. Which tool should Sarah employ to obtain this information?

A. Intrusion Detection System (IDS)
B. Syslog server
C. NetFlow collector
D. Simple Network Management Protocol (SNMP) traps

Answer: C. NetFlow collector.

Question 417. At ExamsDigest, employees can access the company’s cloud-based storage system. However, access to certain files within the storage is determined by the employee’s department, job title, and years of service. For instance, senior managers in the finance department with more than five years of service can view the company’s financial forecasts. Which access control model is ExamsDigest using?

A. Rule-Based Access Control (RAC)
B. Role-Based Access Control (RBAC)
C. Attribute-Based Access Control (ABAC)
D. Discretionary Access Control (DAC)

Answer: C. Attribute-Based

Question 419. DeltaCorp has a password policy in place which mandates users to change their passwords every 30 days. However, some users complain that this results in them choosing simpler passwords or writing them down to remember them. How can DeltaCorp maintain security while addressing these concerns?

A. Reduce the password change frequency but introduce more complexity requirements
B. Eliminate password changes and rely solely on twofactor authentication
C. Ask users to change passwords every week to improve security
D. Allow users

Answer: A. Reduce the password

Question 420. During a review of IDS logs, a security specialist notices a series of alerts indicating that a single external IP has been sending payloads that exploit a known vulnerability. However, the internal system to which these payloads are sent is patched and is not vulnerable to the exploit. Which of the following describes this type of IDS alert?

A. False positive
B. False negative
C. True positive
D. True negative

Answer: C. True positive. A true

Question 427. GammaTech has a new remote access policy for its employees. Whenever an employee attempts to access the corporate network from an unfamiliar location, the system requests additional verification before granting access. Which factor of authentication is being emphasized in this policy?

A. Knowledge-based questions the employee answers
B. A fingerprint scan from the employee
C. The physical coordinates of the employee's access point
D. An SMS code sent to the employee's phone

Answer: C. The physical

Question 434. During a suspected security incident involving unauthorized access to sensitive data, Jake, an IT administrator, immediately disconnected the affected server from the network. Later, a digital forensic expert criticized Jake’s action. Which of the following is the MOST likely reason for the criticism?

A. Jake should have left the server connected to capture more evidence from the attacker
B. Jake should have immediately informed the company's legal department
C. Jake should have taken an image of the server's memory before disconnecting it
D. Jake should have updated the server's software to prevent further unauthorized access

Answer: C. Jake should have

Question 436. After a security breach, Jake, a digital forensics investigator, arrives at the scene to collect a hard drive for examination. He labels the hard drive, records its serial number, photographs the scene, and ensures the hard drive is transported securely to the forensics lab. These steps are crucial to:

A. Preserve the data's integrity on the hard drive
B. Maintain the chain of custody
C. Decrypt the data on the hard drive
D. Implement a legal hold on the data

Answer: B. Maintain the chain of

Question 445. AlphaCorp’s IT department is reviewing password policies and wants to adopt a strategy that enhances security. Which of the following password strategies would be the MOST secure?

A. Passwords should be at least 6 characters long, with no other requirements
B. Passwords should be at least 10 characters long and include both uppercase and lowercase letters
C. Passwords should be at least 8 characters long and include uppercase letters, lowercase letters, numbers, and special characters
D. Passwords should be at least 4 characters long and include a mix of uppercase and lowercase letters

Answer: C. Passwords should be

Question 448. DeltaTech, a progressive tech firm, is aiming to improve its security posture by eliminating the vulnerabilities associated with password use. They are considering deploying a passwordless authentication system. Which of the following represents the PRIMARY advantage of such a system?

A. It allows users to choose any password complexity
B. It eliminates the need for remembering passwords
C. It guarantees protection against all cyber threats
D. It ensures compatibility with all legacy systems

Answer: B. It eliminates the need

Question 452. The cybersecurity team of XYZ Corp. plans to assess their organization’s preparedness for a potential data breach. They aim to evaluate the effectiveness of their response strategy without performing any real actions. Which of the following methods would BEST help them achieve this goal?

A. Live fire exercise
B. System hardening test
C. Red team/blue team exercise
D. Tabletop exercise

Answer: D. Tabletop exercise. A

Question 454. A financial company is designing a new system that needs to ensure data is accessed based on classifications and clearance levels of the users. Which of the following access control models BEST fits this requirement?

A. Role-Based Access Control (RBAC)
B. Discretionary Access Control (DAC)
C. Mandatory Access Control (MAC)
D. Attribute-Based Access Control (ABAC)

Answer: C. Mandatory Access

Question 461. RedFlare Solutions, a financial firm, is storing sensitive client data in a database. The Chief Information Security Officer (CISO) insists that the data should be unreadable even if it’s intercepted during transmission or if the storage is compromised. Which encryption standard would best serve this requirement?

A. Symmetric encryption using a shared key
B. Hashing the data with a one-way function
C. Encrypting the entire database using transparent data encryption
D. Storing the data in a proprietary format

Answer: C. Encrypting the entire

Question 462. GlobalTech, a software development company, is entering into a partnership with WebSolutions, a web hosting provider. They aim to create a standard set of terms governing their ongoing business transactions, including payment terms, delivery protocols, and warranties. Which type of agreement is most suitable for establishing these foundational terms for future transactions?

A. Memorandum of understanding (MOU)
B. Non-disclosure agreement (NDA)
C. Licensing agreement
D. Master service agreement (MSA)

Answer: D. Master service

Question 463. TechCorp is implementing a new cloud-based solution. The security team has been tasked with analyzing the risks associated with this project. They’ve decided to categorize the risks based on their potential impact levels: Low, Medium, High, and Critical. Which type of risk analysis is TechCorp’s security team employing?

A. Quantitative
B. Statistical
C. Qualitative
D. Financial

Answer: C. Qualitative. Qualitative

Question 466. CyberSecure Inc. is evaluating the financial impact of a potential security breach on its main server. The company has estimated that a breach of this server would lead to a direct financial loss of $500,000 due to data recovery, legal fees, and fines. Which of the following best represents this estimation?

A. Annual Rate of Occurrence (ARO)
B. Total Cost of Ownership (TCO)
C. Single Loss Expectancy (SLE)
D. Annualized Loss Expectancy (ALE)

Answer: C. Single Loss

Question 470. WebServ Corp., a web hosting company, has been analyzing the reliability of its servers. They found that one of their server models, on average, tends to fail once every 2000 hours and then gets promptly repaired. Which of the following metrics is WebServ Corp. evaluating?

A. Recovery Time Objective (RTO)
B. Mean Time To Repair (MTTR)
C. Mean Time Between Failures (MTBF)
D. Recovery Point Objective (RPO)

Answer: C. Mean Time Between

Question 471. TechFusion Inc. is a well-established technology company that has been in the market for over 15 years. Recently, the board of directors decided that the company will pursue aggressive growth strategies by entering new, untested markets and launching cutting-edge products, even if these strategies come with significant risks. How would you classify TechFusion Inc.’s risk appetite?

A. Conservative
B. Expansionary
C. Neutral
D. Risk-averse

Answer: B. Expansionary.

Question 472. After a significant merger between two large corporations, a comprehensive risk assessment was conducted to identify potential security gaps within the combined infrastructure. This assessment was exclusive to the merger and was not planned to be repeated in the future. What type of risk assessment was this?

A. Recurring
B. Continuous
C. One-time
D. Dynamic

Answer: C. One-time. A one-time

Question 473. AcmeTech, a software development firm, recently experienced a major data breach that was traced back to a vulnerability in their custom-built application. Post-incident analysis revealed that the vulnerability had been introduced during the coding phase and was never detected during testing. To avoid such vulnerabilities in the future, which policy should AcmeTech emphasize to ensure secure practices are maintained throughout the development process?

A. Incident Response Policy
B. Change Management Policy
C. Business Continuity Policy
D. Software Development Lifecycle (SDLC) Policy

Answer: D. Software Development

Question 476. After a recent security breach, CyberSolutions Inc. evaluated their response metrics and determined that, on average, it took 4 hours from identifying a security breach to having it completely resolved. Which metric best describes this 4-hour timeframe?

A. Recovery Time Objective (RTO)
B. Recovery Point Objective (RPO)
C. Mean Time Between Failures (MTBF)
D. Mean Time To Repair (MTTR)

Answer: D. Mean Time To Repair

Question 478. During an audit review at NetSecure Corp., the external auditors observed that the company is willing to take risks that can potentially result in a 10% decrease in their annual profits, but no more than that. The auditors want to document this finding in their report. Which term should they use to describe NetSecure Corp.’s stance?

A. Risk Avoidance
B. Risk Transfer
C. Risk Tolerance
D. Risk Assessment

Answer: C. Risk Tolerance. Risk

Question 479. TechGuard Corp. conducts a risk assessment every six months to identify new vulnerabilities and ensure that previous risk-mitigation strategies remain effective. This type of risk assessment is best described as:

A. Periodic
B. Ad hoc
C. Continuous
D. Recurring

Answer: D. Recurring. Recurring

Question 484. A global e-commerce company maintains a risk register to keep track of identified risks and to monitor specific metrics that might indicate an increased risk level. Recently, there has been a 20% increase in abandoned shopping carts on their platform. How should this metric be categorized in the context of the risk register?

A. Risk Appetite
B. Risk Mitigation Strategy
C. Key Risk Indicator (KRI)
D. Risk Tolerance Threshold

Answer: C. Key Risk Indicator

Question 485. A financial institution has reported that they experience an average of 3 phishing attacks every year that attempt to compromise their user data. Based on this data, what is the Annualized Rate of Occurrence (ARO) for these phishing attacks?

A. 0.33
B. 1
C. 3
D. 12

Answer: C. 3. The Annualized Rate

Question 488. Your organization is considering a partnership with TechVendor Inc., a software solution provider. Before finalizing the agreement, you wish to ensure their application’s security. What would be the most direct method to assess the robustness of their system against potential cyber threats?

A. Conducting an internal security awareness training
B. Reviewing their past audit reports
C. Implementing strict firewall rules
D. Performing a penetration test on their application.

Answer: D. Performing a

Question 491. XYZ Corp is in the process of defining clear roles and responsibilities for their IT assets. During a meeting, the team discussed the primary individual who will have the responsibility for the data within a specific IT system and also be the main point of contact for any decisions related to it. Which of the following roles best describes this individual?

A. System administrator
B. Data custodian
C. System owner
D. End-user

Answer: C. System owner. The

Question 492. As the Chief Security Officer (CSO) of AlphaTech, you are in the process of finalizing a partnership agreement with a third-party provider. To ensure ongoing security compliance and transparency, you want to reserve the right for your organization to inspect the vendor’s operations and security measures in the future. Which clause should you ensure is included in the contract?

A. Non-disclosure agreement (NDA)
B. Service level agreement (SLA)
C. Termination clause
D. Right-to-audit clause

Answer: D. Right-to-audit clause.

Question 493. CyberGuard LLC, a cybersecurity firm, is in a stable position in its industry with consistent returns. The leadership decides not to pursue aggressive growth strategies but instead chooses to maintain its current market share and operational scale. They are open to minor risks but avoid major disruptions. How can one best describe CyberGuard LLC’s risk appetite?

A. Expansionary
B. Neutral
C. Conservative
D. Aggressive

Answer: B. Neutral. A neutral risk

Question 494. Two university research departments, UniAlpha and UniBeta, decide to collaborate on a project exploring quantum computing’s security implications. They need an agreement to express mutual intentions without enforcing legally binding obligations. Which document is most suitable for their needs?

A. Service-level agreement (SLA)
B. Non-disclosure agreement (NDA)
C. Memorandum of understanding (MOU)
D. Licensing agreement

Answer: C. Memorandum of

Question 496. AcmeBank recently performed a business impact analysis for its online banking system. The result indicated that the bank could tolerate a maximum downtime of 4 hours for the system before incurring significant financial losses and customer dissatisfaction. Which concept best describes this 4- hour period?

A. Recovery Point Objective (RPO)
B. Maximum Tolerable Downtime (MTD)
C. Recovery Time Objective (RTO)
D. Time To Restore (TTR)

Answer: C. Recovery Time

Question 497. DigitalZone Corp, a marketing company, collects personal data from users and determines how and why that data will be processed. At the same time, they engage an external company, CloudSolutions, to store and manage this data. In this scenario, what role does DigitalZone Corp play in relation to data protection regulations?

A. Processor
B. Data subject
C. Controller
D. Third-party provider

Answer: C. Controller. DigitalZone

Question 498. TechFirm Inc. has decided to engage in a new business venture. Before they move forward, the security team conducts several brainstorming sessions, interviews, and reviews historical data to generate a list of potential security threats that the new venture could face. This activity is a primary component of which step in the risk management process?

A. Risk assessment
B. Risk response
C. Risk monitoring
D. Risk identification

Answer: D. Risk identification.

Question 503. TechFusion and CodeRush, two independent software development companies, are collaborating on a project that is expected to define industry standards for a new coding language. While both parties have an understanding of shared responsibilities, they have not yet established legally binding obligations. Which type of agreement best suits their current collaborative understanding?

A. Service-level agreement (SLA)
B. Non-disclosure agreement (NDA)
C. Memorandum of agreement (MOA)
D. Licensing agreement

Answer: C. Memorandum of

Question 505. CyberTech Inc., a cybersecurity consulting company, is in discussions with a potential client, MedCorp, to assist in developing a new secure medical records system. MedCorp will be sharing sensitive patient data with CyberTech as part of the process. Which agreement should be in place before the sharing of such information to ensure confidentiality?

A. Memorandum of understanding (MOU)
B. Service-level agreement (SLA)
C. Non-disclosure agreement (NDA)
D. Work order (WO)/statement of work (SOW)

Answer: C. Non-disclosure

Question 507. WhiteCape Healthcare, an international healthcare provider, has a large patient database that includes many EU citizens. They’re about to implement a new system to improve data access for physicians. Which of the following regulatory requirements should they pay particular attention to when granting physicians access to EU patient data?

A. Ensure data is only accessed for tax reporting purposes
B. Acquire explicit consent from patients before sharing data
C. Encrypt all data using a proprietary algorithm
D. Store data in a physical server located within the EU

Answer: B. Acquire explicit

Question 508. WebFlix, a popular online movie streaming service, experienced a data center outage due to a natural disaster. They had backups in place and restored their systems using data from 6 hours prior to the outage. This resulted in the loss of some user interactions, like ratings and watchlists from the last 6 hours. What term describes the 6-hour gap between the last backup and the time of the outage?

A. Recovery Time Objective (RTO)
B. Maximum Tolerable Downtime (MTD)
C. Recovery Duration Period (RDP)
D. Recovery Point Objective (RPO)

Answer: D. Recovery Point

Question 515. Emily, a cybersecurity analyst, has been tasked with gathering preliminary information about a target organization without directly interacting with its systems. She decides to collect data from third-party sources, search engines, public records, and other online platforms without sending any packets to the target. Which phase of penetration testing is Emily currently engaged in?

A. Active reconnaissance
B. Passive reconnaissance
C. Vulnerability scanning
D. Threat hunting

Answer: B. Passive

Question 516. As part of an initial penetration testing phase, Jackson is using tools that directly probe and interact with the target system’s network to discover open ports, services, and other potential access points. While this approach is more direct and could be detected by the target’s security systems, it provides detailed and actionable insights. Which type of reconnaissance is Jackson performing?

A. Threat analysis
B. Passive reconnaissance
C. Active reconnaissance
D. Social engineering

Answer: C. Active reconnaissance.

Question 517. TechFirm, a leading technology conglomerate, recently conducted a security exercise. The goal was for the internal security team to defend against a series of simulated attacks from an external red team. While the red team launched attacks, the internal team’s objective was to detect, respond, and mitigate those threats. What type of penetration testing is TechFirm employing for its internal security team?

A. Offensive penetration testing
B. Passive penetration testing
C. Defensive penetration testing
D. Black box testing

Answer: C. Defensive penetration

Question 518. Emily, an executive assistant, receives a phone call from an individual claiming to be a new employee in the IT department. The caller says they’re conducting a routine check and needs Emily to confirm her username and password for system verification. How should Emily respond?

A. Politely decline and report the call to the IT department
B. Provide the caller with the username but not the password
C. Ask the caller to email the request, so there's a written record
D. Hang up without saying anything

Answer: A. Politely decline and

Question 522. SafeNet, a financial institution, decided to undertake a comprehensive security assessment. They brought together their internal security team and an external group of ethical hackers. Their objective was for these teams to collaboratively assess vulnerabilities, perform real-time attack simulations, and evaluate defense mechanisms. What form of penetration testing is SafeNet utilizing?

A. Black box testing
B. Integrated penetration testing
C. Defensive penetration testing
D. Red team assessment

Answer: B. Integrated penetration

Question 523. AlphaTech, a leading tech manufacturer, is considering a penetration test to identify vulnerabilities in their new product’s firmware. They provide the testers with firmware source code, architecture diagrams, and other internal details to ensure a thorough evaluation. What kind of penetration test is AlphaTech commissioning?

A. Zero-knowledge testing
B. Open box testing
C. Opaque testing
D. Blind testing

Answer: B. Open box testing.

Question 525. WebMasters LLC, a popular web hosting company, wants to ensure the robust security of their hosted websites. They initiate a security challenge, inviting ethical hackers worldwide to find vulnerabilities without giving any details about their servers, databases, or applications. Which penetration testing method is WebMasters LLC utilizing?

A. External testing
B. Grey box testing
C. Active testing
D. Black box testing

Answer: D. Black box testing. In

Question 531. A medium-sized organization recently had a third-party auditor review their information security controls. After the review, the auditor provided a formal statement that verified the effectiveness of the controls in place. What is this formal statement referred to as?

A. Certification
B. Accreditation
C. Attestation
D. Assurance

Answer: C. Attestation. An

Question 533. TechGuard Inc. and CloudSecure are two cybersecurity firms that are considering a collaboration on a new cloud security project. Both companies have proprietary technologies and methodologies they will bring into the partnership. Before embarking on the collaborative venture, which agreement should they finalize to define the terms of their partnership, roles, and shared responsibilities?

A. Non-disclosure agreement (NDA)
B. Service-level agreement (SLA)
C. Business partners agreement (BPA)
D. Memorandum of understanding (MOU)

Answer: C. Business partners

Question 535. A cybersecurity firm has been hired by TechGiant Corp. to perform penetration testing on their infrastructure. Before the testing begins, the CEO of TechGiant Corp. wants to ensure that certain critical systems are not targeted, and that the testing will not disrupt their ongoing operations. What should be established to define the scope and boundaries of the test?

A. Service-level agreement (SLA)
B. Non-disclosure agreement (NDA)
C. Rules of engagement (ROE)
D. Memorandum of understanding (MOU)

Answer: C. Rules of engagement

Question 537. A healthcare provider wants to evaluate the security of their patient portal. They inform the penetration testers about the technologies used, such as the programming languages and databases. However, specifics about the security measures in place, including intrusion detection systems, are 687 kept secret. What kind of penetration test are they aiming for?

A. White box testing
B. External testing
C. Grey box testing
D. Active testing

Answer: C. Grey box testing. Grey

Question 538. TechFirm Inc. collects personal data from its users and decides on the purposes and means of processing this data. They also outsource data storage to CloudData, a thirdparty company. In the context of data privacy regulations, how would TechFirm and CloudData be classified respectively?

A. TechFirm: Processor; CloudData: Controller
B. TechFirm: Controller; CloudData: Processor
C. Both TechFirm and CloudData: Processors
D. Both TechFirm and CloudData: Controllers

Answer: B. TechFirm: Controller;