The first step an employee should take upon detecting a potential security incident on a mobile device is to immediately report it to the organization's IT or security team. This ensures that the incident is addressed promptly and the necessary steps are taken to mitigate any potential risks.

Firewall 'Exception' allows specific traffic to bypass regular security inspection, based on predefined criteria or exceptions.

Two-factor authentication (2FA) involves something the user physically possesses (like a smart card or token) and something they know (like a PIN or password). It provides an additional layer of security beyond just a password, making it more challenging for unauthorized users to gain access.

Role-based access control (RBAC) is a concept in which users are grouped based on their job roles, and permissions are assigned accordingly. This approach simplifies access control by granting or restricting access based on job responsibilities, ensuring that users only have access to resources essential for their roles, which enhances security and administrative efficiency.

This security measure is an example of "Multi-Factor Authentication (MFA)." MFA requires users to provide two or more authentication factors (in this case, a password, a smart card, and a biometric scan) to gain access, making it more secure than single-factor authentication.

The tool known for automating the scanning of web applications and detecting a wide range of web vulnerabilities, including over 3000, is Burp Suite. It's widely used by security professionals for web application security testing.

SD-WAN (Software-Defined Wide Area Network) is a technology that allows secure and efficient access to internal resources from anywhere while minimizing exposure to external threats. It's an ideal solution for a global organization.

Certificate Revocation List (CRL) is a vital component of certificate management. It is a list of certificates that have been revoked before their expiration date. It is used to verify whether a certificate is still valid and hasn't been compromised.

A mandatory access control (MAC) policy is a security policy that enforces access controls based on labels assigned to subjects (users) and objects (resources). The labels define the sensitivity and integrity of objects and the clearances of subjects. Access is granted or denied based on these labels.

Multi-factor authentication typically involves two or more different forms of evidence (factors) for verifying a user's identity. These factors can include something the user knows (password), something the user has (smart card or mobile device), and something the user is (biometric data like fingerprints).