Question 1

Which two basic metrics should be taken into consideration when assigning a severity to a vulnerability during an assessment? (Choose 2.)

Options :

A : The likelihood that an adversary can and will exploit the vulnerability

B : The impacts that an exploit of the vulnerability will have on the organization

C : The time involved in choosing replacement software to replace older systems

D : The age of the hardware running the software that contains the vulnerability

Answer: A,B

Question 2

Which of the following is a feature of a next-generation firewall?

Options :

A : Packet filtering

B : Intrusion detection system

C : Network address translation

D : Stateful inspection

Answer: B

Question 3

Which of the following is true about network security policies?

Options :

A : They should be regularly reviewed and updated

B : They are only useful for larger organizations

C : They are not necessary if a firewall is in place

D : They should be written in a way that is difficult for employees to understand

Answer: A

Question 4

Which of the following is a best practice for implementing security policies and procedures?

Options :

A : Implementing regular security audits and assessments

B : Allowing employees to choose their own passwords

C : Keeping all security policies and procedures confidential

D : Using the same security policy for all employees

Answer: A

Question 5

Which of the following best describes a common security threat known as phishing?

Options :

A : A type of cyberattack that involves sending fraudulent emails or messages to deceive individuals into revealing sensitive information

B : A method used by hackers to gain unauthorized access to a network by exploiting vulnerabilities in the system

C : A form of malware that spreads through email attachments and is designed to cause damage to computer systems

D : A technique where an attacker intercepts and modifies communications between two parties without their knowledge or consent

Answer: A