In IoT security, ____________ is a technique used to verify the integrity and authenticity of software updates.

  • Code Signing
  • Encryption
  • Intrusion Detection System (IDS)
  • Two-Factor Authentication
Code signing is a security technique in IoT that involves digitally signing software updates with a cryptographic signature. This ensures the integrity and authenticity of the update, preventing unauthorized modifications. Understanding this technique is crucial for maintaining the security of IoT devices and protecting against malicious software updates.__________________________________________________

Implementing ____________ in a mobile app helps in protecting against unauthorized API access.

  • API Security
  • Endpoint Security
  • Mobile Device Management (MDM)
  • Token-based Authentication
Token-based authentication is an effective method for protecting against unauthorized API access in mobile apps. It involves the use of unique tokens generated during user authentication to validate subsequent API requests. Understanding the role of token-based authentication is essential for securing API interactions and preventing unauthorized access to sensitive data and functionalities in mobile applications.__________________________________________________

To secure an API, it is essential to validate all ____________ to prevent injection attacks.

  • API Requests
  • Authentication Tokens
  • Input Data
  • User Permissions
To secure an API, it is essential to validate all API requests. Injection attacks, such as SQL injection or command injection, can occur when untrusted data is not properly validated. By validating API requests, organizations can prevent malicious actors from injecting harmful code into their systems, enhancing overall security.__________________________________________________

A financial institution uses SIEM to detect unusual login patterns indicating possible account takeovers. This is an example of SIEM's ____________ capabilities.

  • Anomaly Detection
  • Incident Response
  • Log Management
  • Threat Intelligence
SIEM's anomaly detection capabilities involve identifying deviations from normal behavior, such as unusual login patterns, which could indicate account takeovers. Understanding how SIEM systems utilize anomaly detection is essential for effectively detecting and mitigating potential security threats in real-time.__________________________________________________

A multinational company must ensure GDPR compliance across all branches. This includes implementing ____________ to secure personal data transfers outside the EU.

  • Biometric Authentication
  • Intrusion Detection System (IDS)
  • Standard Contractual Clauses (SCCs)
  • Virtual Private Network (VPN)
To secure personal data transfers outside the EU and ensure GDPR compliance, multinational companies often implement Standard Contractual Clauses (SCCs). SCCs are contractual terms approved by the European Commission and provide a legal framework for the protection of personal data during international transfers. Understanding the use of SCCs is crucial for managing global data privacy requirements.__________________________________________________

Which tool is commonly used for automated vulnerability scanning?

  • Metasploit
  • Nessus
  • Snort
  • Wireshark
Nessus is a commonly used tool for automated vulnerability scanning. It helps identify and assess vulnerabilities in systems and networks, providing valuable information to security teams. Recognizing the role of tools like Nessus in vulnerability management is essential for organizations to proactively address and mitigate potential security risks.__________________________________________________

A company regularly conducts simulated attacks on its network to test its disaster recovery procedures. This practice is an example of ____________.

  • Penetration Testing
  • Red Team Exercise
  • Tabletop Exercise
  • Vulnerability Assessment
Conducting simulated attacks on the network to test disaster recovery procedures is an example of a Tabletop Exercise. This practice involves a group discussion and simulation of a disaster scenario, allowing participants to evaluate their response strategies and identify areas for improvement. It helps organizations enhance their preparedness and coordination in the event of a real disaster or cybersecurity incident.__________________________________________________

The practice of sanitizing user input in a web application is crucial to prevent ____________ attacks.

  • Clickjacking
  • Cross-Site Request Forgery (CSRF)
  • Cross-Site Scripting (XSS)
  • SQL Injection
The blank should be filled with "SQL Injection" attacks. Sanitizing user input is essential to prevent SQL Injection, where attackers manipulate input to execute unauthorized SQL queries. Understanding and implementing input validation can help mitigate the risk of SQL Injection, a common technique used to compromise database security in web applications.__________________________________________________

What role does 'scenario analysis' play in advanced Business Continuity Planning?

  • Determines legal liabilities in a crisis
  • Establishes communication protocols during disasters
  • Identifies potential risks and their impact on business operations
  • Tests the effectiveness of data backup and recovery
Scenario analysis in advanced Business Continuity Planning (BCP) involves identifying potential risks and assessing their impact on business operations. This proactive approach allows organizations to anticipate and plan for various scenarios, enabling better-preparedness. It goes beyond simple risk assessment by considering the interdependencies of different events. Understanding the role of scenario analysis is critical for developing robust BCP strategies that account for a wide range of potential disruptions.__________________________________________________

Which protocol is commonly used for secure communication over the internet?

  • DNS
  • FTP
  • HTTPS
  • SNMP
HTTPS (Hypertext Transfer Protocol Secure) is commonly used for secure communication over the internet. It adds a layer of encryption (SSL/TLS) to standard HTTP, ensuring that data exchanged between a user's browser and a website is encrypted and secure. Knowledge of HTTPS is essential for understanding how websites protect sensitive information during online transactions and communications, contributing to overall internet security.__________________________________________________