Question 1

A Security Operations Center (SOC) team is tasked with improving their visibility across the organization’s network. Which of the following measures is the most effective to enhance visibility for threat detection and response?

Options :

A : Implementing a unified Security Information and Event Management (SIEM) system with log aggregation and analysis.

B : Relying solely on application logs for monitoring.

C : Deploying endpoint detection and response (EDR) tools to all devices.

D : Increasing the frequency of network scans to detect potential vulnerabilities.

Answer: A

Question 2

You are a junior cybersecurity analyst investigating a breach in your organization’s system. During your analysis, you find an unpatched software application and evidence that a threat actor leveraged it to gain unauthorized access to sensitive data. Which of the following statements correctly differentiate between vulnerabilities and exploits in the context of this scenario? (Choose two)

Options :

A : A vulnerability is a weakness in the system that can potentially be exploited by a threat actor.

B : A vulnerability always leads to a system compromise, while an exploit only has potential risks.

C : An exploit takes advantage of a vulnerability to execute unauthorized actions on a system.

D : Vulnerabilities are caused solely by unpatched software, while exploits result only from malware usage.

E : An exploit is a deliberate action taken to fix a system’s vulnerability and prevent breaches.

Answer: A,C

Question 3

A company deploys a hybrid cloud architecture where part of their infrastructure is on-premises and part resides in a public cloud. Which of the following traffic patterns represents an east-west flow in this hybrid environment?

Options :

A : A customer accesses the company-s e-commerce website hosted in the public cloud.

B : A developer pushes application updates from their local machine to a cloud-based Git repository.

C : An on-premises Active Directory server synchronizes user credentials with a cloud-based identity provider.

D : A web application in the public cloud communicates with a backend database server hosted on the same cloud provider.

Answer: D

Question 4

Which of the following best represents the role of "Cloud" in the Four Cs of Cloud Native Security?

Options :

A : Offering built-in security features to protect sensitive data within application code.

B : Automating application deployment through continuous integration and continuous delivery (CI/CD) pipelines.

C : Providing the underlying infrastructure, such as compute, storage, and networking, on which applications are built.

D : Ensuring that cloud service providers implement encryption for all stored data.

Answer: C

Question 5

An organization is implementing endpoint security for its remote workforce. The solution must include encryption, device compliance checks, and protection against phishing. Which solution best meets these requirements?

Options :

A : Endpoint Protection Platform (EPP)

B : Next-Generation Firewall (NGFW)

C : Security Information and Event Management (SIEM)

D : Unified Threat Management (UTM)

Answer: A