11. Fill in the blank: Social engineering is a _____ that exploits human error to gain private information, access, or valuables.

  • type of malware
  • replicating virus
  • manipulation technique
  • business breach

12. A security professional is asked to teach employees how to avoid inadvertently revealing sensitive data. What type of training should they conduct?

  • Training about network optimization
  • Training about business continuity
  • Training about security architecture
  • Training about social engineering

13. Which domain involves defining security goals and objectives, risk mitigation, compliance, business continuity, and the law?

  • Security assessment and testing
  • Security architecture and engineering
  • Identity and access management
  • Security and risk management

14. Which of the following tasks may be part of the security architecture and engineering domain? Select all that apply.

  • Validating the identities of employees
  • Configuring a firewall
  • Securing hardware
  • Ensuring that effective systems and processes are in place

15. Which of the following tasks may be part of the asset security domain? Select all that apply.

  • Ensuring users follow established policies
  • Securing digital and physical assets
  • Data storage and maintenance
  • Proper disposal of digital assets

16. A security professional is auditing user permissions at their organization in order to ensure employees have the correct access levels. Which domain does this scenario describe?

  • Security assessment and testing
  • Security and risk management
  • Asset security
  • Communication and network security

17. Which domain involves keeping data secure by ensuring users follow established policies to control and manage physical assets?

  • Identity and access management
  • Communication and network security
  • Security assessment and testing
  • Security and risk management

18. A security professional receives an alert that an unknown device has connected to their organization’s internal network. They follow policies and procedures to quickly stop the potential threat. Which domain does this scenario describe?

  • Security operations
  • Security and risk management
  • Asset security
  • Identity and access management

Shuffle Q/A 2

19. Which of the following threats are examples of malware? Select two answers.

  • Viruses
  • Bugs
  • Worms
  • Error messages

20. Fill in the blank: Exploiting human error to gain access to private information is an example of _____ engineering.

  • network
  • communication
  • social
  • digital
Previous
Next

Leave a Reply