1) A company's database containing sensitive customer information was compromised. Although the attacker accessed the data, there was no evidence of data alteration or deletion. Which principle of the CIA triad was violated in this case? a) a) Integrity b) b) Availability c) c) Confidentiality d) d) Possession 2) During a cyberattack, an attacker alters the contents of a financial report in a company's database, leading to incorrect financial statements. Which principle of the CIA triad was compromised? a) A) Confidentiality   b) B) Availability c) C) Integrity d) D) Utility 3) A hospital's network is hit by a ransomware attack, preventing healthcare staff from accessing patient records during an emergency. Which element of the CIA triad is impacted in this scenario? a) A) Confidentiality   b) B) Integrity c) C) Possession d) D) Availability 4) A laptop containing sensitive business documents was stolen. Although the data wasn't accessed, the company is concerned because the thief physically possesses the device. Which element of the Parkerian Hexad is affected? a) A) Confidentiality   b) B) Authenticity c) C) Possession d) D) Utility 5) After a website breach, fake login pages were placed on the company’s site, tricking users into entering their credentials. What aspect of the Parkerian Hexad is violated in this case? a) A) Confidentiality   b) B) Authenticity c) C) Utility d) D) Integrity 6) A backup file is fully encrypted but becomes corrupted, rendering it completely unreadable. Which principle of the Parkerian Hexad has been compromised? a) A) Integrity   b) B) Possession c) C) Utility d) D) Availability 7) A healthcare provider stores patient records in a cloud-based system. To ensure that only authorized personnel can access these records, which of the following measures should be implemented? a) A) Data Encryption b) B) Regular Backups c) C) Network Segmentation d) D) Data Redundancy 8) An e-commerce company wants to ensure that their transaction logs are not tampered with during storage. Which of the following techniques best ensures data integrity? a) A) Hashing b) B) Firewall c) C) Access Control Lists d) D) VPN 9) A financial institution needs to ensure that its online banking services remain operational even during peak usage times. Which strategy should they adopt? a) A) Load Balancing b) B) Encryption c) C) Intrusion Detection Systems d) D) Multi-Factor Authentication 10) A tech company wants to ensure that its proprietary software code remains under its control and does not get leaked. What measure should be prioritized? a) A) Digital Rights Management (DRM) b) B) User Training c) C) Antivirus Software d) D) Network Monitoring 11) An organization needs to verify the authenticity of emails received from its partners to prevent phishing attacks. Which solution is most appropriate? a) A) Digital Signatures b) B) Firewalls c) C) Regular Software Updates d) D) Data Backups 12) A company stores large amounts of data in various formats across different systems. To ensure this data remains usable and valuable, what should they implement? a) A) Data Standardization b) B) Physical Security Controls c) C) Access Logs d) D) Password Policies 13) A network administrator notices unusual traffic patterns on the network and discovers that an unauthorized user has been secretly eavesdropping on communications between two employees. No data has been altered, but sensitive information was exposed. What type of attack is this? a) A) Interruption   b) B) Modification c) C) Interception d) D) Fabrication 14) An e-commerce website experiences a Denial of Service (DoS) attack, causing the site to be unavailable for customers, leading to a loss in revenue. Which type of attack best describes this situation? a) A) Interception   b) B) Interruption c) C) Modification d) D) Fabrication 15) A hacker gains access to a company's financial system and changes the values in the sales report, making it appear that sales were higher than they actually were. The data was not deleted, but it was altered. Which type of attack occurred? a) A) Fabrication   b) B) Interception c) C) Modification d) D) Interruption 16) An attacker creates fake entries in a company’s transaction logs, making it seem like large payments were made when in fact, no such payments occurred. What type of attack is this? a) A) Modification   b) B) Interruption c) C) Fabrication d) D) Interception 17) A company's network administrator notices unusual network traffic and suspects that sensitive emails between executives are being accessed by unauthorized parties. What type of attack is likely occurring? a) A) Interruption b) B) Interception c) C) Modification d) D) Fabrication 18) An online retailer experiences a sudden outage of its payment processing system during a major sale event, preventing customers from completing their purchases. What type of attack does this scenario describe? a) A) Interception b) B) Interruption c) C) Modification d) D) Fabrication 19) During a security audit, it is discovered that an attacker altered the contents of financial transaction records to divert funds into their own account. What type of attack is this? a) A) Interception b) B) Interruption c) C) Modification d) D) Fabrication 20) A company finds several unauthorized accounts created within their database that were used to generate fraudulent transactions. What type of attack does this indicate? a) A) Interception b) B) Interruption c) C) Modification d) D) Fabrication 21) A web application allows users to submit search queries, but an attacker enters special characters in the input field to execute malicious database commands. Sensitive data is returned from the database. What type of attack is this? a) A) Cross-Site Scripting (XSS)   b) B) Buffer Overflow c) C) SQL Injection d) D) Phishing 22) A user visits a website and clicks on what appears to be a button to close a pop-up, but instead, the click triggers a hidden action that transfers funds from their account. What type of attack is this? a) A) Phishing   b) B) Man-in-the-Middle c) C) Clickjacking d) D) Tailgating 23) A company’s e-commerce site is flooded with thousands of connection requests from multiple sources, making the website unavailable to legitimate users. What type of attack is this? a) A) Brute Force   b) B) DDOS c) C) Phishing d) D) Tailgating 24) An attacker intercepts communication between a user and a bank’s website, altering messages without either party realizing it. What type of attack is this? a) A) Man-in-the-Middle   b) B) Cross-Site Forgery c) C) SQL Injection d) D) Phishing 25) A user is logged into their bank account and then visits a malicious website. Without the user's knowledge, a request is sent from the malicious site to transfer money from their bank account. What type of attack is this? a) A) SQL Injection   b) B) Cross-Site Request Forgery (CSRF) c) C) Clickjacking d) D) Ransomware 26) An employee receives an email that appears to be from the company’s IT department, asking them to click a link and verify their credentials. The link leads to a fake login page. What type of attack is this? a) A) Phishing   b) B) Spyware c) C) Trojan Horse d) D) SQL Injection 27) An attacker calls a company employee, pretending to be from the HR department, and convinces the employee to provide personal information to "verify" their account. What type of attack is this? a) A) Phishing   b) B) Pretexting c) C) Man-in-the-Middle d) D) Tailgating 28) A person follows an authorized employee through a secure door without using their own credentials, bypassing physical security. What type of attack is this? a) A) Tailgating   b) B) Phishing c) C) Trojan Horse d) D) Brute Force 29) A program crashes after a user inputs a large amount of data, allowing the attacker to execute arbitrary code and take control of the system. What type of attack is this? a) A) Brute Force   b) B) Buffer Overflow c) C) SQL Injection d) D) Spyware 30) A system allows multiple users to update the same database record at the same time, and an attacker exploits this by submitting two conflicting requests simultaneously, resulting in unexpected behavior. What type of attack is this? a) A) Trojan Horse   b) B) SQL Injection c) C) Race Condition d) D) Brute Force 31) A company wants to ensure that only authorized employees can access sensitive customer data stored on its servers. They implement a system that requires users to authenticate using a username and password, and then checks their permissions before granting access. What type of control does this scenario describe? a) A) Physical Control b) B) Administrative Control c) C) Logical Control d) D) Compensating Control 32) To prevent unauthorized entry into its data center, an organization installs biometric scanners at all entrances, requiring fingerprint verification for access. What type of control is this? a) A) Logical Control b) B) Administrative Control c) C) Physical Control d) D) Detective Control 33) An organization develops a comprehensive security policy that outlines acceptable use of company resources, incident response procedures, and employee responsibilities for maintaining security. What type of control is this? a) A) Logical Control b) B) Administrative Control c) C) Physical Control d) D) Preventive Control 34) An organization becomes aware that a hacker group is actively targeting companies in their industry to steal sensitive customer data for resale on the dark web. What is this an example of? a) A) Vulnerability   b) B) Threat c) C) Impact d) D) Risk 35) A company’s outdated firewall software lacks the necessary patches to protect against newer forms of malware. This could allow attackers to bypass the firewall and access the internal network. What does this describe? a) A) Threat   b) B) Risk c) C) Vulnerability d) D) Impact 36) An online retailer stores customer credit card information without encryption. If an attacker gains access to the database, they could steal and misuse the card information. What does this scenario describe? a) A) Impact   b) B) Risk c) C) Vulnerability d) D) Threat 37) After a ransomware attack, a healthcare organization is unable to access patient records for several days, resulting in delayed medical treatments and financial penalties. What does this describe? a) A) Threat   b) B) Vulnerability c) C) Risk d) D) Impact 38) A company needs to encrypt large volumes of data quickly and securely for storage on its servers. They decide to an encryption algorithm known for its efficiency due to using a single private key. Which algorithm should they choose? a) Hash Function b) PKI c) Symmetric d) Asymmetric 39) A company wants to ensure the integrity of its software downloads by providing a verification method that users can verify after downloading. Which one should they use? a) Hash Function b) PKI c) Digitial Signature d) Symmetric 40) An executive needs to send an important contract via email and wants to ensure the recipient can verify the document's authenticity and integrity. What cryptographic tool should be used? a) A) Symmetric Encryption b) B) Digital Signature c) C) Stream Cipher d) D) Certificate Authority 41) A company wants to enable secure email communication for its employees by ensuring that only the intended recipient can decrypt the message. The solution must use a public and private key pair. Which encryption method should be used? a) Symmetric Encryption b) PKI c) Digital Signature d) Asymmetric Encryption 42) A company needs to encrypt a video stream in real-time. They want an encryption method that can encrypt data continuously as it is being transmitted, rather than waiting for a chunk of data to be collected. Which encryption method is most suitable for this? a) A) Block Cipher (AES)   b) B) Stream Cipher c) C) Hashing (SHA-2) d) D) Digital Signatures 43) A company’s website uses HTTPS to secure communication between users and the server. Users can trust the website because it has been issued a public key by a trusted third-party authority. What technology is being used to verify the website’s authenticity? a) A) Block Cipher   b) B) Stream Cipher c) C) Certificates d) D) Hashing (MD5) 44) A healthcare organization needs to protect sensitive patient information stored on its servers to comply with HIPAA regulations. They decide to implement a security measure that encrypts all stored data. Which technology should they use? a) A) VPN b) B) BitLocker c) C) ASLR d) D) SSL/TLS 45) A company wants to ensure that all communications between its remote employees and the corporate network are secure from eavesdropping as they travel over the internet. What solution should they implement? a) A) AES Encryption b) B) VPN c) C) ASLR d) D) Digital Signatures 46) A software company is concerned about potential memory-based attacks on its applications while they are running. To mitigate this risk, they decide to implement a technique that randomizes memory addresses used by system and application processes. What technique are they using? a) A) BitLocker b) B) VPN c) C) ASLR d) D) SSL/TLS 47) During a routine audit, a cybersecurity team discovers that the company's backup system is vulnerable to ransomware attacks due to outdated software and lack of encryption. What step of risk management is this? a) A) Mitigation   b) B) Evaluation c) C) Identification d) D) Assessment 48) After identifying that the company’s backup system is vulnerable to ransomware, the cybersecurity team evaluates the likelihood of an attack and the potential impact on business operations if the backup system were compromised. Which risk management process does this describe? a) A) Evaluation   b) B) Identification c) C) Mitigation d) D) Assessment 49) To address the identified risk of ransomware attacks on the backup system, the cybersecurity team updates the backup software, encrypts the backup files, and implements multi-factor authentication for accessing the backup system. Which step of the risk management process is being applied? a) A) Identification   b) B) Mitigation c) C) Assessment d) D) Evaluation 50) Six months after implementing encryption and multi-factor authentication for the backup system, the cybersecurity team conducts a review to determine whether the new measures have effectively reduced the risk of ransomware attacks. What step of the risk management process does this describe? a) A) Mitigation   b) B) Evaluation c) C) Identification d) D) Assessment 51) In the preparation phase of incident response, what is the primary benefit of conducting regular training and simulations for an incident response team? a) A) It guarantees that no incidents will occur.   b) B) It improves the team's ability to recognize and respond to incidents efficiently. c) C) It allows the team to handle all incidents on their own without external help. d) D) It increases the overall budget for cybersecurity. 52) A ransomware attack has been detected on a company's network. The incident response team decides to contain the event by isolating the affected systems to prevent the malware from spreading to other systems within the network. What is the best method for containing this ransomware attack? a) A) Disconnect all systems from the network.   b) B) Isolate only the affected servers and segment the network. c) C) Inform all employees to power off their computers. d) D) Allow the ransomware to encrypt data to analyze its impact. 53) What is the primary goal of the eradication phase of incident response? a) A) To replace all hardware in the organization.   b) B) To identify the source of the incident and ensure all traces of the threat are removed. c) C) To initiate recovery efforts immediately. d) D) To inform the media about the incident. 54) After removing the ransomware from the systems, the incident response team restores data from backups and confirms the integrity of the systems and brings them back online. Which phase of incident response is this? a) Remediate b) Recovery c) Restore d) Lesson Learned 55) What is the primary purpose of conducting a lessons learned session after an incident? a) A) To assign blame for mistakes made during the incident.   b) B) To identify areas for improvement in the incident response process and update the response plan. c) C) To prepare a report for law enforcement. d) D) To celebrate the team’s quick response to the incident. 56) A tech company has installed surveillance cameras, access control systems, and security personnel at its headquarters to prevent unauthorized access to sensitive areas. Which aspect of defense in depth is primarily being implemented in this scenario? a) A) Network Security   b) B) Physical Security c) C) Host Security d) D) Application Security 57) An organization has instituted the defense in depth principle. They deployed firewalls, intrusion detection systems (IDS), and VPNs to protect against external threats. What is the main purpose of using firewalls and intrusion detection systems in this scenario? a) To protect the physical layer b) To protect the network layer c) To protect the application layer d) To protect the data layer 58) A healthcare provider encrypts patient records, implements access controls, and conducts regular data backups to protect sensitive information. What is the primary focus of implementing encryption and access controls in this scenario? a) A) To improve data access speeds.   b) B) To ensure data integrity and confidentiality. c) C) To enhance physical security measures. d) D) To facilitate software updates. 59) A company has a shared folder on its file server containing sensitive documents. The IT administrator sets up an Access Control List (ACL) for the folder. Employees in the Finance department are granted read and write permissions, while employees in other departments have no access. What is the primary purpose of the ACL configured for the Finance department employees? a) A)  Identity and Access Management b) B) Least Privilege   c) C) Defense in Depth d) D) Separation of Duties 60) A network security analyst is tasked with assessing the wireless networks within a corporate environment to identify any unauthorized (rogue) access points and assess the overall security posture. The analyst needs a tool that can provide detailed information about connected devices. Which of the following tools would be the most suitable for this task? a) A) Nmap   b) B) Wireshark c) C) Kismet d) D) Metasploit 61) A network administrator needs to perform a security audit of the company's internal network. The administrator wants to identify all active devices on the network, their IP addresses, open ports, and the services running on those ports. The goal is to discover any potential vulnerabilities in the network. Which of the following tools would be the most effective for conducting this network scan? a) A) Wireshark   b) B) Kismet c) C) Nmap d) D) Nessus 62) A cybersecurity analyst is investigating a suspected data breach in the company's network. The analyst needs to capture and analyze live network traffic to identify any suspicious activities, such as unauthorized data transfers or unusual communication patterns. Which of the following tools would be the most appropriate for this task? a) A) Nmap   b) B) Kismet c) C) Metasploit d) D) Wireshark 63) A web application security tester has been assigned to perform a security assessment on a newly developed online banking application. The tester needs to identify potential vulnerabilities, such as SQL injection, Cross-Site Scripting (XSS), and insecure session management. The goal is to ensure the application is secure before it goes live. a) A) Nmap   b) B) Burp Suite c) C) Wireshark d) D) Metasploit 64) A security researcher is tasked with testing a proprietary software application for vulnerabilities. The researcher wants to identify any weaknesses or crashes by sending a wide range of unexpected or random inputs to the application. The goal is to uncover any potential buffer overflows, crashes, or unexpected behavior in the software. a) A) Metasploit   b) B) Wireshark c) C) Fuzzer d) D) Nmap 65) A cybersecurity analyst is conducting a reconnaissance phase for an upcoming penetration test on a target organization. The analyst uses various public sources, such as social media profiles, domain registrations, and company websites, to gather information about the organization’s infrastructure and key personnel. What type of intelligence is the analyst primarily utilizing in this scenario? a) A) SIGINT (Signals Intelligence)   b) B) OSINT (Open Source Intelligence) c) C) HUMINT (Human Intelligence) d) D) TECHINT (Technical Intelligence) 66) An investigator is working on a criminal case and decides to speak with informants and witnesses who may have valuable information about the suspects’ activities and connections. The investigator aims to obtain insights that are not available through physical evidence or public records. a) A) OSINT   b) B) SIGINT c) C) HUMINT d) D) IMINT 67) In a financial institution, no single employee is allowed to both initiate and approve a financial transaction. For example, one employee may create a payment order, but another must review and authorize it. What security principle is being applied here? a) A) Least Privilege b) B) Separation of Duties c) C) Defense in Depth d) D) Multi-Factor Authentication 68) An organization secures its IT infrastructure by implementing multiple layers of security controls, including firewalls at the network perimeter, antivirus software on all endpoints, application whitelisting for critical software, and encryption for sensitive data. What strategy does this approach represent? a) A) Least Privilege b) B) Separation of Duties c) C) Defense in Depth d) D) Single Sign-On 69) In a small design firm, each employee has the ability to control access to the files they create. For example, a graphic designer can share their design files with certain colleagues while restricting access to others. This is managed through file-sharing permissions that the designer sets. Which access control model is being used in this scenario? a) A) Mandatory Access Control   b) B) Role-Based Access Control c) C) Rule-Based Access Control d) D) Discretionary Access Control 70) A government agency manages sensitive classified information and enforces strict access controls. Employees can only access information based on their security clearance level (e.g., Confidential, Secret, Top Secret). Access decisions are made based on predefined policies, and users cannot change these permissions. What type of access control model is being utilized in this scenario? a) A) Role-Based Access Control   b) B) Attribute-Based Access Control c) C) Mandatory Access Control d) D) Discretionary Access Control 71) A university's learning management system uses various attributes to grant access to course materials. For example, access is granted based on characteristics such as student status (e.g., enrolled, graduated), course prerequisites, and time of day. An enrolled student can access course materials only if they meet all specified requirements. Which access control model is being employed? a) A) Role-Based Access Control   b) B) Attribute-Based Access Control c) C) Discretionary Access Control d) D) Mandatory Access Control 72) A government agency uses a security model to protect classified documents. Employees with "Secret" clearance can access documents labeled as "Secret" or lower but cannot access "Top Secret" documents. Additionally, they are restricted from writing information to documents classified as "Confidential." Which security model is being used? a) A) Biba Model b) B) Brewer-Nash Model c) C) Bell-LaPadula Model d) D) Role-Based Access Control 73) An e-commerce platform uses digital signatures to ensure that orders placed by customers cannot be denied later. Each transaction is signed with the customer's private key, providing proof of authenticity and integrity. Which accountability concept does this represent? a) A) Auditing b) B) Non-repudiation c) C) Logs d) D) Deterrence 74) A company has implemented a centralized logging system that records all user activities on its network, including login attempts, file access, and changes to sensitive settings. This logging helps the IT team monitor user actions and identify any unauthorized activities. What is the primary purpose of implementing a logging system? a) A) To enhance network performance   b) B) To deter unethical behavior and monitor user activities for accountability c) C) To prevent data breaches d) D) To improve user experience 75) An employee logs into their corporate email account by entering a username and a password. What type of authentication factor is being used? a) A) Something you have b) B) Something you know c) C) Something you are d) D) Password Hygiene 76) To access a secure building, employees must present a smart card to a reader at the entrance. The smart card contains a chip that verifies their identity. What type of authentication factor is this? a) A) Something you know b) B) Something you have c) C) Something you are d) D) Something you need 77) A smartphone app requires users to unlock it using a fingerprint scan. What type of authentication factor is being utilized here? a) A) Something you know b) B) Something you have c) C) Something you are d) D) Hard tokens 78) A bank requires customers to log in to their online accounts using both a password and a one-time code sent to their mobile phone. What type of authentication method is this? a) A) Password hygiene b) B) Multi-factor authentication c) C) Biometrics d) D) Hard tokens 79) An IT department mandates that all employees update their passwords every 90 days, use complex passwords with a mix of letters, numbers, and symbols, and avoid reusing passwords across different accounts. What best practice does this scenario illustrate? a) A) Biometrics b) B) Hard tokens c) C) Password complexity d) D) Multi-factor authentication 80) A European e-commerce company collects personal data from customers to enhance their shopping experience. The company has implemented processes to allow customers to access, modify, and delete their personal data. Additionally, they have appointed a Data Protection Officer (DPO) to oversee compliance. Which regulatory framework is the company primarily adhering to in this scenario? a) A) HIPAA   b) B) GDPR c) C) PCI-DSS d) D) SOX 81) A bank sends annual privacy notices to its customers, informing them of how their personal information is collected, shared, and protected. Additionally, the bank has implemented procedures to ensure customer data is securely handled. Which regulatory requirement is the bank fulfilling in this scenario? a) A) FISMA   b) B) GLBA c) C) SOX d) D) COPPA 82) An online retailer implements several security measures, including encryption of credit card information, maintaining a firewall, and regularly conducting vulnerability scans to protect customer payment information. Which compliance standard is the retailer adhering to in this scenario? a) A) GDPR   b) B) PCI-DSS c) C) SOX d) D) FERPA 83) A company is unable to implement encryption for its database due to technical constraints. Instead, it uses a combination of access controls, monitoring, and regular audits to mitigate the risk of unauthorized access. What type of control is the company using? a) A) Key Control   b) B) Compensating Control c) C) Preventative Control d) D) Detective Control 84) A tech company fails a regulatory audit due to inadequate data protection measures, resulting in hefty fines and loss of customer trust. What consequence does this scenario highlight regarding non-compliance? a) A) Operational Efficiency  b) B) Competitive Advantage c) C) Financial Penalties d) D) Increased Market Share 85) A multinational corporation has experienced several phishing attacks that have compromised sensitive data. To address this issue, the company decides to implement a program that educates employees on recognizing phishing attempts, understanding social engineering tactics, and practicing safe online behavior. The program includes regular training sessions, simulated phishing exercises, and assessments to measure employee understanding. What is this initiative an example of? a) A) Acceptable Use Policy b) B) Security Awareness Training and Education (SATE) c) C) Incident Response Plan d) D) Risk Management 86) A corporate office has installed security cameras prominently in the parking lot and entrance areas. The presence of these cameras is communicated to employees in the company handbook, and signs indicating video surveillance are posted at all entrances. What type of control is primarily being utilized? a) A) Preventative Control   b) B) Detective Control c) C) Deterrent Control d) D) Corrective Control 87) A warehouse has motion sensors installed throughout the building that trigger alarms when unexpected movement is detected after hours. The alarms notify security personnel, allowing them to investigate any potential intrusions. Which type of control is being utilized in this scenario? a) A) Preventative Control   b) B) Corrective Control c) C) Deterrent Control d) D) Detective Control 88) An organization requires employees to use keycard access to enter secure areas of the building. Only authorized personnel can access sensitive locations, and the keycard system logs all entry attempts. What type of control is primarily being employed? a) A) Detective Control   b) B) Corrective Control c) C) Preventative Control d) D) Deterrent Control 89) A company has deployed a new server that will host a web application. The system administrator reviews the installed software and discovers several unused applications, including games and third-party utilities that were not required for the server’s function. The administrator uninstalls these applications to reduce the attack surface. What OS hardening practice is being implemented in this scenario? a) A) Applying Updates   b) B) Implementing Least Privilege c) C) Removing Unnecessary Software   d) D) Configuring Logging 90) After conducting an audit of a Linux server, the system administrator finds that several services, such as FTP and Telnet, are running but are not needed for the server’s operations. The administrator disables these services to minimize security risks. What OS hardening practice is exemplified? a) A) Removing Unneeded Services   b) B) Default Accounts c) C) Logging d) D) Removing Unnecessary Software 91) During the setup of a new network device, the IT team notices that the administrative account, which uses a common username and password, is still active. To enhance security, they delete the account and create a new, unique administrative account with a strong password. What OS hardening measure is being taken here? a) A) Implementing Least Privilege   b) B) Updating Software c) C) Default Accounts d) D) Configuring Logging 92) A server administrator regularly checks for and applies security patches to the operating system and installed applications. The administrator maintains a schedule for these new releases to ensure the system is protected against known vulnerabilities. What OS hardening practice is being followed in this scenario? a) A) Logging   b) B) Removing Unneeded Services c) C) Applying Updates d) D) Least Privilege 93) You are tasked with setting up secure email communication for your company, ensuring that both confidentiality and non-repudiation are maintained. Which cryptographic method should be used for encrypting and signing the emails? a) A) Symmetric encryption for both tasks   b) B) Asymmetric encryption for both tasks c) C) Symmetric encryption for confidentiality, digital signatures for non-repudiation d) D) Hashing for confidentiality, hash functions for non-repudiation 94) An organization installs antivirus software on all employee computers but experiences a breach due to a weak Wi-Fi password. Which layer of defense in depth was not properly addressed? a) A) Physical   b) B) Application c) C) Network d) D) Data

Fundamentals of InfoSec Quiz #2

Skriv ut
Innebygd

Ledertavle

Visuell stil

Alternativer

Bytt mal

Gjenopprett automatisk lagring: ?