An employee notices a suspicious person in the data center and immediately escalates their concern to a manager.
At which maturity model stage is their company’s security awareness program likely functioning?
A. Enforcing Least Privilege
B. Promoting Awareness and Change
C. Segmentation and Compartmentalization
D. Compliance Focused
A CISO reporting to the CEO gains which of the following benefits?
A. A strategic understanding of risks and threats
B. Ease of communicating security requirements
C. Support for improving product security
D. A primary focus on compliance and regulatory mandates
Which of the following is a typical responsibility for a Tier 1 SOC analyst?
A. Forensics and malware analysis
B. Monitoring and triaging alerts
C. Sensor tuning and maintenance
D. Incident coordination and response
Using a number line evaluation, which value would indicate that an employee is being undercompensated for their current level of contribution to the team?
A. 0
B. -2
C. 2
D. A range of -1 to +1
Question 6 (Managing Application Security)
During which SDLC phase should a DAST tool be deployed to spider the application?
A. Development
B. Production
C. Testing
D. Design
Question 7 (Incident Response and Business Continuity)
Notifying system owners, forcing password updates for affected user accounts, and increasing monitoring to detect related malicious activity occur as part of which process?
A. Recovery from an incident
B. Eradication of an incident
C. Preparing for an incident
D. Identification of an incident
Question 8 (Managing Security Awareness)
Which member of a security awareness advisory board provides support for both scoping the target and enforcing program mandates?
A. Help Desk
B. Security Operations
C. Marketing and Communications
D. Human Resources
Question 9 (Managing Negotiations and Vendors)
A job candidate agrees to accept a position with a lower salary than requested when the company increases the vacation time and training allowance in the job offer.
What type of negotiating strategy does this describe?
A. Integrative bargaining
B. Bottom line value
C. Distributive bargaining
D. Zero sum value
Question 10 (Managing Security Awareness)
How should Learning Objectives be developed in regard to an organization’s managed risks?
A. A single learning objective document should be developed to address company goals for all managed risks
B. A learning objective document should be developed for each department listing their managed risks
C. An individual learning objective document should be developed for each managed risk
D. A learning objective document should be developed for each threat agent that poses a risk
Question 11 (Incident Response and Business Continuity)
Executives and business unit managers have been asked to review the organization's disaster recovery plan and provide feedback on whether the plans are accurate and complete for their departments.
What type of test is being conducted?
A. Functional
B. Checklist
C. Walkthrough
D. Tabletop
Question 12 (Managing a Security Operations Center)
Which SIEM function is primarily used for redundancy to prevent data loss when more events are received than the processor can handle?
A. Log aggregator
B. Log archiving
C. Log agent
D. Log broker
Question 13 (Risk Management and Security Frameworks)
Which of the following standards defines the iterative risk management process shown below?
A. NIST CSF
B. NIST 800-37
C. ISO 27005
D. FAIR
Question 14 (Managing a Security Operations Center)
What type of security metrics are used to illustrate results at the executive level, as shown below?
A. Key performance indicators
B. CVSS scores
C. Learning objectives
D. Critical path activities
Question 15 (Managing Projects)
What process is demonstrated in the diagram shown below?
A. Continuous Delivery
B. Continuous Integration
C. Continuous Improvement
D. Continuous Deployment
Question 16 (Managing Negotiations and Vendors)
Based on the selection criterion and the vendor table shown below, what is the prioritized score for Features?
A. 0.6
B. 1.4
C. 2.8
D. 5.0
Question 17 (Risk Management and Security Frameworks)
What can be determined from the NIST SP 800-53 related screenshot below?
A. Previous Logon (Access) Notification is required in all baselines
B. Account Management must be implemented before Unsuccessful Logon Attempts
C. Session Lock has the most control enhancements
D. Account Management must be implemented before Separation of Duties
Question 18 (Risk Management and Security Frameworks)
The model for the Three Lines of Defense in Effective Risk Management and Control prescribes which of the following?
A. Risk Owners in the second line of defense should not delegate the day-to-day management of security controls
B. Security teams should have complete responsibility for implementing security controls that catch unexpected events
C. Internal auditors have a high level of independence that is not available in the second line of defense
D. Risk Control and Compliance personnel can offer completely independent analysis to governing bodies in the final line of defense
Question 19 (Managing Security Awareness)
At which stage of the Security Awareness Maturity Model is annual training first implemented?
A. Long-term sustainment and cultural change
B. Metrics framework
C. Compliance-focused
D. Promoting awareness and behavioral change
Question 20 (Managing Security Awareness)
Which of the following is an example of a compliance metric for a security awareness program?
A. Was there a decrease in the severity of incidents after the awareness program was initiated?
B. How many employees reported suspicious emails after awareness training compared to before training?
C. Which regulatory requirements will be addressed by deploying an organization-wide awareness program?
D. What percentage of employees assigned to an awareness training module have completed the training?
Question 21 (Network Security Architecture)
What type of network attack uses switch spoofing?
A. VLAN hopping
B. DHCP snooping
C. Ping flooding
D. Double tagging
Question 22 (Managing Negotiations and Vendors)
The statement below is an example of which of the following?
"For consumer market product lines, no single supplier’s exposure will exceed 30%."
A. Risk capacity
B. Risk tolerance
C. Risk analysis
D. Risk profile
Question 23 (Managing a Security Operations Center)
Which of the following is a recommended function of the SOC’s command center?
A. Approving and updating SOC policies
B. Receiving internal and third-party security requests
C. Managing network security monitoring devices
D. Performing forensic analysis and reverse engineering
Question 24 (Network Security Architecture)
An organization wants a perimeter device to inspect and transmit email requests from the internet to the internal email server.
Which of the following is used for this purpose?
A. Web proxy
B. WAF
C. Reverse proxy
D. NIDS
Question 25 (Managing System Security)
What type of hosts did the Mirai botnet target for infection?