What form of attack against an employee has the MOST impact on their compliance with the organisation’s "code of conduct"?
A. Brute Force Attack.
B. Social Engineering.
C. Ransomware.
D. Denial of Service.
Answer: D...

Which of the following is a framework and methodology for Enterprise Security Architecture and Service Management?
A. TOGAF
B. SABSA
C. PCI DSS
D. OWASP
Answer: B...

Which of the following types of organisation could be considered the MOST at risk from the theft of electronic based credit card data?
A. Online retailer.
B. Traditional market trader.
C. Mail delivery business.
D. Agricultural producer.
Answer: A...

Which security concept provides redundancy in the event of a security control failure or the exploitation of a vulnerability?
A. System Integrity.
B. Sandboxing.
C. Intrusion Prevention System.
D. Defence in depth.
Answer: D
Explanation: https://en.wikipedia.org/wiki/Defense_in_depth_(computing) ...

Preventive.
A. 1, 2 and 4.
B. 1, 2 and 3.
C. 1, 2 and 5.
D. 3, 4 and 5.
Answer: C...

Which term describes a vulnerability that is unknown and therefore has no mitigating control which is immediately and generally available?
A. Advanced Persistent Threat.
B. Trojan.
C. Stealthware.
D. Zero-day.
Answer: D
Explanation: https://en.wikipedia.org/wiki/Zero-day_(computing) ...

Which algorithm is a current specification for the encryption of electronic data established by NIST?
A. RSA.
B. AES.
C. DES.
D. PGP.
Answer: B
Explanation: https://www.nist.gov/publications/advanced-encryption-standard-aes ...

In software engineering, what does ‘Security by Design’ mean?
A. Low Level and High Level Security Designs are restricted in distribution.
B. All security software artefacts are subject to a code-checking regime.
C. The software has been designed from its inception to be secure.
D. All code meets the technical requirements of GDP...

When calculating the risk associated with a vulnerability being exploited, how is this risk calculated?
A. Risk = Likelihood * Impact.
B. Risk = Likelihood / Impact.
C. Risk = Vulnerability / Threat.
D. Risk = Threat * Likelihood.
Answer: C...