Which of the following is MOST accurate when comparing patch management and vulnerability management?
A security practitioner has been asked to investigate the presence of customer Personally Identifiable Information (PII) on a social media website. Where does the practitioner begin?
Cloud computing introduces the concept of the shared responsibility model. This model can MOST accurately be described as defining shared responsibility between which of the following?
Which of the following factors is the MOST important consideration for a security team when determining whether cryptographic erasure can be used for disposal of a device?
An organization has been struggling to improve their security posture after a recent breach. Where should the organization focus their efforts?
Which Open Systems Interconnection (OSI) layer is concerned with Denial-Of-Service (DoS) SYN flood attacks?
Which of the following BEST characterizes the operational benefit of using immutable workloads when working on a cloud-based project?
A newly hired Chief Information Security Officer (CISO) is now responsible to build a third-party assurance for their organization. When assessing a third-party, which of the following questions needs to be answered?
An audit report of security operations has listed some anomalies with third parties being granted access to the internal systems and data without any restrictions.
Which of the following will BEST help remediate this issue?
Which of the following is the BEST activity to mitigate risk from ransomware on mobile devices and removable media in a corporate environment?
The question below is based on the following information:
Work Center 1 has an available capacity of 1,200 hours per month. Which of the following amounts represents the cumulative difference between the required capacity and the available capacity of Months 1 through 3?
The Chief Information Security Officer (CISO) for an international organization with offices operating globally has been tasked with developing a new data encryption policy that can be applied to all areas of the business. What is the MOST important factor that must be considered?
Which of the following describes the 3 MAIN roles of the identity-delegation model?
A security consultant is working with an organization to help evaluate a proposal received from a new managed security service provider. There are questions about the confidentiality and effectiveness of the provider's system over a period of time. Which of the following System And Organization Controls (SOC) report types should the consultant request from the provider?
Which of the following BEST describes an individual modifying something the individual is not supposed to?
TESTED 21 Dec 2025
