1.Question 1Fill in the blank: A _____ is malicious code written to interfere with computer operations and cause damage to data. 1 pointspyware attackbusiness disruptionsoftware breachcomputer virus2.Question 2Fill in the blank: The _____ spread globally within a couple of months due to users inserting a disk into their computers that was meant to track illegal copies of medical software. 1 pointMorris wormLoveLetter attackBrain virusEquifax breach3.Question 3Fill in the blank: Social engineering is a manipulation technique that exploits _____ error to gain access to private information.1 pointcomputercodingnetworkhuman4.Question 4A security professional conducts internal training to teach their coworkers how to identify a social engineering attack. What types of security issues are they trying to avoid? Select all that apply.1 pointEmployees inadvertently revealing sensitive dataPhishing attacksMalicious software being deployedOvertaxing systems with too many internal emails5.Question 5A security professional is researching compliance and the law in order to define security goals. Which domain does this scenario describe?1 pointSecurity and risk managementSecurity architecture and engineering Security assessment and testingIdentity and access management6.Question 6Which of the following tasks may be part of the security architecture and engineering domain? Select all that apply.1 pointEnsuring that effective systems and processes are in placeValidating the identities of employeesConfiguring a firewallSecuring hardware7.Question 7A security professional is ensuring proper storage, maintenance, and retention of their organization’s data. Which domain does this scenario describe?1 pointSecurity assessment and testingSecurity operationsAsset securityCommunication and network security8.Question 8Which domain involves conducting, collecting, and analyzing data, as well as conducting security audits to monitor for risks, threats, and vulnerabilities?1 pointCommunication and network securityIdentity and access managementSecurity and risk managementSecurity assessment and testing9.Question 9Which domain involves keeping data secure by ensuring users follow established policies to control and manage physical assets?1 pointSecurity assessment and testingIdentity and access managementCommunication and network securitySecurity and risk management10.Question 10Which domain involves conducting investigations and implementing preventive measures?1 pointIdentity and access management Security and risk managementAsset securitySecurity operations

1.Question 1Which of the following threats are examples of malware? Select two answers.1 pointError messagesWormsVirusesBugs2.Question 2Fill in the blank: The _____ spread globally within a couple of months due to users inserting a disk into their computers that was meant to track illegal copies of medical software. 1 pointBrain virusMorris wormLoveLetter attackEquifax breach3.Question 3Fill in the blank: Social engineering is a manipulation technique that exploits _____ error to gain access to private information.1 pointhumannetworkcomputercoding4.Question 4A security professional is asked to teach employees how to avoid inadvertently revealing sensitive data. What type of training should they conduct?1 pointTraining about social engineeringTraining about security architectureTraining about network optimizationTraining about business continuity5.Question 5Which of the following tasks are part of the security and risk management domain? Select all that apply.1 pointBusiness continuityComplianceSecuring physical assetsDefining security goals and objectives6.Question 6Which of the following tasks may be part of the security architecture and engineering domain? Select all that apply.1 pointEnsuring that effective systems and processes are in placeConfiguring a firewallValidating the identities of employeesSecuring hardware7.Question 7A security professional is ensuring proper storage, maintenance, and retention of their organization’s data. Which domain does this scenario describe?1 pointSecurity operationsAsset securityCommunication and network securitySecurity assessment and testing8.Question 8Which of the following tasks may be part of the security assessment and testing domain? Select all that apply.1 pointCollecting and analyzing dataAuditing user permissionsSecuring physical networks and wireless communicationsConducting security audits9.Question 9Which domain involves keeping data secure by ensuring users follow established policies to control and manage physical assets?1 pointCommunication and network securityIdentity and access managementSecurity assessment and testingSecurity and risk management10.Question 10Which domain involves conducting investigations and implementing preventive measures?1 pointSecurity operations Security and risk managementIdentity and access managementAsset security

Question 3Fill in the blank: Social engineering is a _____ that exploits human error to gain private information, access, or valuables.1 pointreplicating virusbusiness breachtype of malwaremanipulation technique

1.Question 1What is the term for software that is designed to harm devices or networks?1 pointBugMalwareError messageSocial application2.Question 2Fill in the blank: The _____ spread globally within a couple of months due to users inserting a disk into their computers that was meant to track illegal copies of medical software. 1 pointBrain virusEquifax breachLoveLetter attackMorris worm3.Question 3Fill in the blank: Exploiting human error to gain access to private information is an example of _____ engineering.1 pointcommunicationnetworksocialdigital4.Question 4Which of the following threats are most likely to occur in the event of a phishing attack? Select all that apply. 1 pointMalicious software being deployedOvertaxing systems with too many internal emailsEmployees inadvertently revealing sensitive dataTheft of the organization’s hardware5.Question 5Which of the following tasks are part of the security and risk management domain? Select all that apply.1 pointComplianceSecuring physical assetsBusiness continuityDefining security goals and objectives6.Question 6A security professional is optimizing data security by ensuring that effective tools, systems, and processes are in place. Which domain does this scenario describe?1 pointCommunication and network securityIdentity and access managementSecurity architecture and engineeringSecurity and risk management7.Question 7Which domain involves securing digital and physical assets, as well as managing the storage, maintenance, retention, and destruction of data?1 pointCommunication and network securitySecurity assessment and testingAsset security Security operations8.Question 8Which domain involves conducting, collecting, and analyzing data, as well as conducting security audits to monitor for risks, threats, and vulnerabilities?1 pointIdentity and access managementCommunication and network securitySecurity assessment and testingSecurity and risk management9.Question 9Which of the following tasks may be part of the identity and access management domain? Select three answers.1 pointManaging and controlling physical and logical assetsEnsuring users follow established policiesSetting up an employee’s access keycard Conducting security control testing10.Question 10Which domain involves conducting investigations and implementing preventive measures?1 point Security and risk managementAsset securityIdentity and access managementSecurity operations

Question 2Fill in the blank: The _____ spread globally within a couple of months due to users inserting a disk into their computers that was meant to track illegal copies of medical software. 1 pointEquifax breachBrain virusMorris wormLoveLetter attack3.Question 3Fill in the blank: Expl

Question 1Fill in the blank: A _____ is malicious code written to interfere with computer operations and cause damage to data. 1 pointspyware attackcomputer virussoftware breachbusiness disruption