Question 1What does a security professional use to create guidelines and plans that educate employees about how they can help protect the organization? 1 pointSecurity auditSecurity postureSecurity frameworkSecurity hardening2.Question 2Fill in the blank: A security professional uses _____ to verify that an employee has permission to access a resource.1 pointencryptionadmissionauthorizationintegrity3.Question 3What type of social engineering attack attempts to exploit biometrics?1 pointWhaling VishingSpear phishing Cryptographic attack4.Question 4You work as a security analyst for a supply chain organization and need to confirm all inventory data is correct, authentic, and reliable. Which core principle of the CIA triad are you using?1 pointCredibilityConfidentialityIntegrityAvailability

Question 1What does a security professional use to create guidelines and plans that educate employees about how they can help protect the organization? 1 pointSecurity postureSecurity auditSecurity frameworkSecurity hardening

Question 4A security professional conducts internal training to teach their coworkers how to identify a social engineering attack. What types of security issues are they trying to avoid? Select all that apply.1 pointEmployees inadvertently revealing sensitive dataMalicious software being deployedPhishing attacksOvertaxing systems with too many internal emails

Question 4A security professional is asked to teach employees how to avoid inadvertently revealing sensitive data. What type of training should they conduct?1 pointTraining about security architectureTraining about network optimizationTraining about business continuityTraining about social engineering

1.Question 1Fill in the blank: Cybersecurity aims to protect networks, devices, people, and data from _____ or unauthorized access. 1 pointchanging business prioritiescriminal exploitationpoor financial managementmarket shifts2.Question 2Which of the following tasks are typically responsibilities of entry-level security analysts? Select all that apply.1 pointExamining in-house security issuesCreating organizational policiesInstalling prevention softwareProtecting computer and network systems3.Question 3An employee receives an email that they believe to be legitimate. They click on a compromised link within the email. What type of internal threat does this scenario describe?1 pointIntentionalAccidentalOperationalAbusive4.Question 4What is identity theft?1 pointA data breach that affects an entire organizationStealing personal information to commit fraud while impersonating a victimFailing to maintain and secure user, customer, and vendor dataTrying to gain access to an organization’s private networks5.Question 5Fill in the blank: An organization that is in regulatory compliance is likely to _____ fines.1 pointencounterincuravoidrectify6.Question 6Which of the following proficiencies are examples of technical skills? Select two answers.1 pointApplying computer forensicsAutomating tasks with programmingPrioritizing collaborationCommunicating with employees7.Question 7Fill in the blank: Security information and _____ management (SIEM) tools enable security professionals to identify and analyze threats, risks, and vulnerabilities. 1 pointeventemergencyenterpriseemployer8.Question 8A security professional receives an alert about an unknown user accessing a system within their organization. They attempt to identify, analyze, and preserve the associated criminal evidence. What security task does this scenario describe?1 pointComputer forensicsSoftware upgradesProgramming with codeResolving error messages9.Question 9Which of the following statements accurately describe personally identifiable information (PII) and sensitive personally identifiable information (SPII)? Select all that apply.1 pointPII is any information used to infer an individual’s identity.Only SPII is vulnerable to identity theft.An example of SPII is someone’s biometric data.An example of PII is someone’s phone number.

Question 3Fill in the blank: A security professional has been tasked with implementing safeguards to reduce suspicious activity on their company's network. They use _____ to help them reduce this type of risk.1 pointpublic websites private informationsecurity controlssecurity ethics