21. Fill in the blank: An organization that is in regulatory compliance is likely to _____ fines.

  • rectify
  • avoid
  • encounter
  • incur

22. An individual is in their first job as an entry-level security professional. They take training to learn more about the specific tools, procedures, and policies that are involved in their career. What does this scenario describe?

  • Gaining new technical skills
  • Improving management capabilities
  • Understanding different perspectives
  • Transferring capabilities from one career to another

23. Which of the following statements accurately describe personally identifiable information (PII) and sensitive personally identifiable information (SPII)? Select all that apply.

  • An example of PII is someone’s phone number.
  • An example of SPII is someone’s biometric data.
  • Only SPII is vulnerable to identity theft.
  • PII is any information used to infer an individual’s identity.

24. Fill in the blank: The purpose of _____ is to protect networks, devices, people, and data from unauthorized access or criminal exploitation.

  • cybersecurity
  • change-management
  • planning
  • business continuity

25. A security professional collaborates with information technology teams to deploy an application that helps identify risks and vulnerabilities. What does this scenario describe?

  • Upgrading network capacity
  • Installing detection software
  • Conducting a security audit
  • Ethical hacking

26. Someone outside of an organization attempts to gain access to its private information. What type of threat does this scenario describe?

  • Internal
  • External
  • Ethical
  • Accidental

27. What is identity theft?

  • Failing to maintain and secure user, customer, and vendor data
  • Trying to gain access to an organization’s private networks
  • Stealing personal information to commit fraud while impersonating a victim
  • A data breach that affects an entire organization

28. A security professional receives an alert about an unknown user accessing a system within their organization. They attempt to identify, analyze, and preserve the associated criminal evidence. What security task does this scenario describe?

  • Resolving error messages
  • Programming with code
  • Software upgrades
  • Computer forensics

29. What is regulatory compliance?

  • Sites and services that require complex passwords to access
  • Laws and guidelines that require implementation of security standards
  • Expenses and fines associated with vulnerabilities
  • Threats and risks from employees and external vendors

30. Fill in the blank: Security information and event _____ (SIEM) tools enable security professionals to identify and analyze threats, risks, and vulnerabilities.

  • monitoring
  • mitigation
  • maturity
  • management

Leave a Reply