21. Fill in the blank: An organization that is in regulatory compliance is likely to _____ fines.
- rectify
- avoid
- encounter
- incur
22. An individual is in their first job as an entry-level security professional. They take training to learn more about the specific tools, procedures, and policies that are involved in their career. What does this scenario describe?
- Gaining new technical skills
- Improving management capabilities
- Understanding different perspectives
- Transferring capabilities from one career to another
23. Which of the following statements accurately describe personally identifiable information (PII) and sensitive personally identifiable information (SPII)? Select all that apply.
- An example of PII is someone’s phone number.
- An example of SPII is someone’s biometric data.
- Only SPII is vulnerable to identity theft.
- PII is any information used to infer an individual’s identity.
24. Fill in the blank: The purpose of _____ is to protect networks, devices, people, and data from unauthorized access or criminal exploitation.
- cybersecurity
- change-management
- planning
- business continuity
25. A security professional collaborates with information technology teams to deploy an application that helps identify risks and vulnerabilities. What does this scenario describe?
- Upgrading network capacity
- Installing detection software
- Conducting a security audit
- Ethical hacking
26. Someone outside of an organization attempts to gain access to its private information. What type of threat does this scenario describe?
- Internal
- External
- Ethical
- Accidental
27. What is identity theft?
- Failing to maintain and secure user, customer, and vendor data
- Trying to gain access to an organization’s private networks
- Stealing personal information to commit fraud while impersonating a victim
- A data breach that affects an entire organization
28. A security professional receives an alert about an unknown user accessing a system within their organization. They attempt to identify, analyze, and preserve the associated criminal evidence. What security task does this scenario describe?
- Resolving error messages
- Programming with code
- Software upgrades
- Computer forensics
29. What is regulatory compliance?
- Sites and services that require complex passwords to access
- Laws and guidelines that require implementation of security standards
- Expenses and fines associated with vulnerabilities
- Threats and risks from employees and external vendors
30. Fill in the blank: Security information and event _____ (SIEM) tools enable security professionals to identify and analyze threats, risks, and vulnerabilities.
- monitoring
- mitigation
- maturity
- management