Q: Ideally, an attack surface is ____. or Q: An assault surface should ideally be ____. open and defended; as small as possible; frequently updated; as large as possible. Explanation: Reducing the attack surface minimizes the number of potential entry points for attackers, which helps to decrease the likelihood of successful attacks and simplifies security management.
-
In the Payment Card Industry Data Security Standard (PCI DSS), what are the requirements for the “regularly monitor and test networks” objective? Select all that apply
Q: In the Payment Card Industry Data Security Standard (PCI DSS), what are the requirements for the “regularly monitor and test networks” objective? Select all that apply or Q: What does the Payment Card Industry Data Security Standard (PCI DSS) “regularly monitor and test networks” objective require? Choose every option that pertains. Track and monitor all access to network resources…
-
What tools can be used to discover vulnerabilities or dangerous misconfigurations in systems and networks?
Q: What tools can be used to discover vulnerabilities or dangerous misconfigurations in systems and networks? or Q: What instruments are available for identifying hazardous configuration errors or weaknesses in systems and networks? Firewalls; Bastion hosts; Antimalware software; Vulnerability scanners. Explanation: Vulnerability scanners are designed to identify security weaknesses, potential vulnerabilities, and misconfigurations in systems and networks. They help organizations…
-
What is penetration testing?
Q: What is penetration testing? or Q: Penetration testing: what is it? Assessing computers, computer systems, networks, or applications for weaknesses. Giving network access to a bad actor for testing. Attempting to gather credentials with phishing emails. Attempting to break into a system or network for the purpose of verifying the systems in place. Explanation: Penetration testing involves simulating cyberattacks…
-
Which of the following devices are considered a risk when storing confidential information? Select all that apply.
Q: Which of the following devices are considered a risk when storing confidential information? Select all that apply. or Q: Which of the following gadgets should never be used to store sensitive data? Choose every option that pertains. Limited access file shares; Encrypted portable hard drives; CD drives; USB sticks. Explanation: These devices are considered risky because they can be…
-
Which of the following are bad security habits commonly seen amongst employees in the workplace? Select all that apply.
Q: Which of the following are bad security habits commonly seen amongst employees in the workplace? Select all that apply. or Q: Which of the following are poor security practices that you frequently observe in workers at work? Choose every option that pertains. Password on a post-it note Leave laptop logged in and unattended Correct Log out of website session…
-
When working on a laptop in a public area, always ____ when getting up to use the restroom.
Q: When working on a laptop in a public area, always ____ when getting up to use the restroom. or Q: In public spaces, when using a laptop, always take a break to use the toilet. Ask a coworker to watch the laptop; Lock the screen; Ask permission to leave; Set up a VPN. Explanation: When working on a laptop in…
-
What is a quick way of evaluating a third party’s security?
Q: What is a quick way of evaluating a third party’s security? or Q: How can I quickly assess the security of a third party? A signed contract; A security assessment questionnaire; A comprehensive penetration testing review; A manual evaluation of all security systems. Explanation: This tool allows organizations to gather essential information about the security practices and protocols of…
-
What are some things that are generally included on a third party security assessment report? Select all that apply
Q: What are some things that are generally included on a third party security assessment report? Select all that apply. or Q: What kinds of information are often found in a report produced by a third party security assessment? Choose every option that pertains. Customer feedback scores; Third party security audit results; Penetration testing results; User reviews. Explanation: These elements…
-
Periodic mandatory security training courses can be given to employees in what way? Select all that apply.
Q: Periodic mandatory security training courses can be given to employees in what way? Select all that apply. or Q: How can staff receive mandated security training on a regular basis? Choose every option that pertains. Short video; Brief quiz; One-on-one interviews; Interoffice memos. Explanation: These methods are commonly used to deliver security training in an engaging and accessible format.…