An organization is working to secure its Supervisory Control And Data Acquisition (SCADA) system, Which monitors water supply to the city. What type of security should the organization ensure FIRST?
Which of the following MUST be checked during the validation of software verification capabilities?
An organization implemented a threat modeling program focusing on key assets. However, after a short time it became clear that the organization was having difficulty executing the threat modeling program.
Which approach will MOST likely have been easier to execute?
A Structured Query Language (SQL) database is hosted on a hardened, secure server. All unused ports are locked down, but external connections from untrusted networks are still required to be allowed through. What is the BEST way to ensure transactions to/from this server remain secure?
Which of the following vulnerability types is also known as a serialization flaw and affects the integrity of two processes interacting with the same resource at the same time?
A security assessor has been engaged to perform a penetration test on control system components located on a shipping vessel. The individuals on the ship do not have any knowledge of how the component is configured or its internal workings. Which of the following test types does this scenario call for?
Which of the following tactics can be employed effectively to reduce appraisal quality costs?
In Company XYZ, transaction-costing capability has been Integrated into the shop floor reporting system. A batch of 20 units was started in production. At the fourth operation, 20 units are reported as complete. At the fifth operation, 25 units are reported as complete. When all operations are complete, 20 units are checked into the stockroom. If the error at the fifth operation is undetected, which of the following conditions will be true?
Which of the following planes directs the flow of data within a Software-Defined Networking (SDN) architecture?
Which of the following is the MOST significant flaw when using Federated Identity Management (FIM)?
A production manager completes a work order for an assembly item, and inventory records for the components are decreased. This is an example of:
A department manager executes threat modeling at the beginning of a project and throughout its lifecycle. What type of threat modeling is being performed?
During the initiation phase of a project to acquire a customer relation management system, what is the FIRST step a project team will take for early integration of security?
An information security professional is considering what type of classification label to place on an organization’s software code in order to implement proper access controls. The code is considered intellectual property data and would have a catastrophic impact to the organization if compromised or destroyed. Which of the following would be the MOST appropriate classification label to apply?
TESTED 26 May 2026
