6.Question 6Security researchers inserted malicious code into the web-applications of various organizations. This allowed them to obtain the personally identifiable information (PII) of various users across multiple databases.What type of attack did the researchers perform?1 pointInjectionInput sanitizationSocial engineeringRansomware

An online newspaper suffered a data breach. The attackers exploited a vulnerability in the login form of their website. The attackers were able to access the newspaper’s user database, which did not encrypt personally identifiable information (PII).What attack vectors did the malicious hackers use to steal user information? Select two answers.1 pointThe user databaseThe unencrypted PIIThe newspaper’s websiteThe online login form

1.Question 1Which of the following threats are examples of malware? Select two answers.1 pointError messagesWormsVirusesBugs2.Question 2Fill in the blank: The _____ spread globally within a couple of months due to users inserting a disk into their computers that was meant to track illegal copies of medical software. 1 pointBrain virusMorris wormLoveLetter attackEquifax breach3.Question 3Fill in the blank: Social engineering is a manipulation technique that exploits _____ error to gain access to private information.1 pointhumannetworkcomputercoding4.Question 4A security professional is asked to teach employees how to avoid inadvertently revealing sensitive data. What type of training should they conduct?1 pointTraining about social engineeringTraining about security architectureTraining about network optimizationTraining about business continuity5.Question 5Which of the following tasks are part of the security and risk management domain? Select all that apply.1 pointBusiness continuityComplianceSecuring physical assetsDefining security goals and objectives6.Question 6Which of the following tasks may be part of the security architecture and engineering domain? Select all that apply.1 pointEnsuring that effective systems and processes are in placeConfiguring a firewallValidating the identities of employeesSecuring hardware7.Question 7A security professional is ensuring proper storage, maintenance, and retention of their organization’s data. Which domain does this scenario describe?1 pointSecurity operationsAsset securityCommunication and network securitySecurity assessment and testing8.Question 8Which of the following tasks may be part of the security assessment and testing domain? Select all that apply.1 pointCollecting and analyzing dataAuditing user permissionsSecuring physical networks and wireless communicationsConducting security audits9.Question 9Which domain involves keeping data secure by ensuring users follow established policies to control and manage physical assets?1 pointCommunication and network securityIdentity and access managementSecurity assessment and testingSecurity and risk management10.Question 10Which domain involves conducting investigations and implementing preventive measures?1 pointSecurity operations Security and risk managementIdentity and access managementAsset security

1.Question 1Fill in the blank: A computer virus is malicious _____ that interferes with computer operations and causes damage.1 pointformattinghardwarecodesequencing2.Question 2What is one way that the Morris worm helped shape the security industry?1 pointIt made organizations more aware of the significant financial impact of security incidents.It prevented the development of illegal copies of software.It inspired threat actors to develop new types of social engineering attacks.It led to the development of computer response teams.3.Question 3What were the key impacts of the Equifax breach? Select two answers.1 pointPhishing became illegal due to significant public outcry.The significant financial consequences of a breach became more apparent.Millions of customers' PII was stolen.Developers were able to track illegal copies of software and prevent pirated licenses.4.Question 4Social engineering, such as phishing, is a manipulation technique that relies on computer error to gain private information, access, or valuables. 1 pointTrueFalse

Question 9Which of the following statements accurately describe personally identifiable information (PII) and sensitive personally identifiable information (SPII)? Select all that apply.1 pointBoth PII and SPII are vulnerable to identity theft. The theft of PII is often more damaging than the theft of SPII.An example of SPII is someone’s financial information.An example of PII is someone’s date of birth.

4.Question 4What are examples of sensitive personally identifiable information (SPII) that cybersecurity professionals need to protect? Select two answers.1 pointEmail addressesMedical recordsLast namesBank account numbers