Correct Answer: Network Access Control (NAC)
Explanation: NAC ensures that only authorized users and devices are allowed to connect to the network by validating their identity and security posture before granting access.

Correct Answer: Preventive Control
Explanation: A preventive control is designed to stop security incidents before they occur, such as restricting unauthorized changes to critical system configurations.

Correct Answer: Contain and isolate affected systems
Explanation: Containing and isolating affected systems immediately prevents further unauthorized access and limits the potential damage of the data breach.

Correct Answer: Block access to encrypted email services
Explanation: Blocking access to encrypted email services prevents users from bypassing email filters and ensures that all email communications pass through the organization's security controls.

Correct Answer: HTTPS
Explanation: HTTPS (Hypertext Transfer Protocol Secure) encrypts data in transit between the client and server, ensuring that sensitive information is not intercepted or tampered with by attackers.

Correct Answer: VLANs
Explanation: VLANs (Virtual Local Area Networks) segregate network traffic and prevent unauthorized communication between different segments unless explicitly allowed.

Correct Answer: CEO Fraud (Whaling)
Explanation: Whaling is a phishing attack targeting high-level executives to trick them into approving fraudulent transactions or revealing sensitive data.

Correct Answer: Patch Management Policy
Explanation: Patch management ensures that software and operating systems receive timely security updates, reducing vulnerabilities that attackers could exploit.

Correct Answer: Insider Threat
Explanation: Unusual access patterns by an employee could indicate an insider threat, where a malicious or negligent employee misuses their access to sensitive data.

Correct Answer: It records and transmits user keystrokes
Explanation: A keylogger captures and logs user keystrokes, often to steal sensitive information like passwords and credit card details.

Correct Answer: Role-Based Access Control (RBAC)
Explanation: RBAC assigns permissions based on a user's job role, ensuring that employees only access the data necessary for their duties.

Correct Answer: Antivirus Software
Explanation: Antivirus software scans downloaded files for malware and prevents infections before they can compromise the system.

Correct Answer: Enforcing Strong Password Policies
Explanation: Default administrator credentials are a common attack vector. Requiring strong, unique passwords prevents attackers from easily accessing systems using known default credentials.

Correct Answer: WPA2
Explanation: WPA2 (Wi-Fi Protected Access 2) provides strong encryption and authentication mechanisms for securing wireless networks, making it a preferred choice over older protocols like WEP.

Correct Answer: Phishing
Explanation: Phishing is a social engineering attack where attackers trick users into revealing sensitive information, such as passwords or credit card details, by impersonating trusted sources.

Correct Answer: Web Content Filtering
Explanation: Web content filtering restricts user access to certain websites, helping to prevent malware infections, phishing attacks, and other online threats.

Correct Answer: Transport Layer Security (TLS) Encryption
Explanation: TLS encrypts data in transit, preventing attackers from intercepting and reading sensitive information such as user credentials and confidential data.

Correct Answer: Firewall
Explanation: A firewall is a security device or software that monitors and controls incoming and outgoing network traffic based on security rules to prevent unauthorized access.

Correct Answer: Data Exfiltration
Explanation: Data exfiltration occurs when an attacker steals sensitive information from a compromised system, often by transferring it to an external server without authorization.

Correct Answer: Multi-Factor Authentication (MFA)
Explanation: MFA enhances security by requiring users to provide multiple forms of verification, such as a password (something they know), a smartphone (something they have), and biometric authentication (something they are).