An organization with a global presence wants to ensure its employees can access internal resources securely from anywhere in the world without exposing the network to external threats. Which solution would best fit this requirement?

  • Cloud Computing
  • IoT (Internet of Things)
  • MPLS (Multiprotocol Label Switching)
  • SD-WAN (Software-Defined Wide Area Network)
SD-WAN (Software-Defined Wide Area Network) is a technology that allows secure and efficient access to internal resources from anywhere while minimizing exposure to external threats. It's an ideal solution for a global organization.

In terms of certificate management, what refers to the process of ensuring a certificate is still valid and has not been revoked?

  • Certificate Authority (CA)
  • Certificate Revocation List (CRL)
  • Certificate Signing Request (CSR)
  • Public Key Infrastructure (PKI)
Certificate Revocation List (CRL) is a vital component of certificate management. It is a list of certificates that have been revoked before their expiration date. It is used to verify whether a certificate is still valid and hasn't been compromised.

A mandatory _______ policy is a type of security policy that relies on labels (attached to objects and users) to determine access.

  • Access Control
  • Mandatory Access
  • Password
  • Role-Based
A mandatory access control (MAC) policy is a security policy that enforces access controls based on labels assigned to subjects (users) and objects (resources). The labels define the sensitivity and integrity of objects and the clearances of subjects. Access is granted or denied based on these labels.

Multi-factor authentication typically involves how many different forms of evidence (or factors) for verifying a user's identity?

  • Four factors
  • One factor
  • Three factors
  • Two factors
Multi-factor authentication typically involves two or more different forms of evidence (factors) for verifying a user's identity. These factors can include something the user knows (password), something the user has (smart card or mobile device), and something the user is (biometric data like fingerprints).

Which authentication method involves something the user physically possesses, like a smart card or token?

  • Biometric authentication
  • Two-factor authentication
  • Password authentication
  • Single-factor authentication
Two-factor authentication (2FA) involves something the user physically possesses (like a smart card or token) and something they know (like a PIN or password). It provides an additional layer of security beyond just a password, making it more challenging for unauthorized users to gain access.

Which of the following best describes the concept of "role-based access control"?

  • Access control is not enforced
  • All users have equal access to all resources
  • Users are authenticated using biometrics
  • Users are grouped based on job roles, and permissions are assigned accordingly
Role-based access control (RBAC) is a concept in which users are grouped based on their job roles, and permissions are assigned accordingly. This approach simplifies access control by granting or restricting access based on job responsibilities, ensuring that users only have access to resources essential for their roles, which enhances security and administrative efficiency.

After a major data breach, a company mandates that employees use their passwords, a smart card, and a biometric scan to access the company's systems. This security measure is an example of which authentication method?

  • Biometric Authentication
  • Multi-Factor Authentication (MFA)
  • Single Sign-On (SSO)
  • Two-Factor Authentication (2FA)
This security measure is an example of "Multi-Factor Authentication (MFA)." MFA requires users to provide two or more authentication factors (in this case, a password, a smart card, and a biometric scan) to gain access, making it more secure than single-factor authentication.

One of the primary ways to mitigate insider threats is to implement strict _______ controls.

  • Access
  • Administrative
  • Network
  • Security
One of the primary ways to mitigate insider threats is to implement strict security controls. Security controls can include measures like access restrictions, monitoring, and policies designed to prevent unauthorized access and data breaches.

The process of restoring a system or data from a backup following a disaster or data corruption is termed as what?

  • Data Archiving
  • Data Deduplication
  • Data Migration
  • Disaster Recovery
Disaster Recovery is the process of restoring systems, data, and infrastructure after a disaster, such as a natural catastrophe or a major data breach. It ensures that a business can continue operations after a disruptive event.

In DLP strategies, which term refers to the unauthorized transfer of data outside of an organization's boundaries?

  • Data Breach
  • Data Exfiltration
  • Data Leak
  • Data Spill
Data Exfiltration is the unauthorized transfer of data from an organization's internal network to an external location. It's a critical concern in Data Loss Prevention (DLP) strategies, as it can lead to data breaches.