Answer: Pretexting
Explanation: Pretexting involves fabricating a scenario to trick someone into revealing sensitive information.

Answer: DDoS
Explanation: A Distributed Denial-of-Service (DDoS) attack floods a system with traffic from multiple sources, rendering it unusable.

Answer: RSA
Explanation: RSA is an asymmetric encryption algorithm commonly used for secure key exchange.

Answer: Risk transference
Explanation: Transferring risk means passing the impact of risk to another entity, like an insurer.

Answer: WPA3
Explanation: WPA3 is the latest wireless encryption standard, offering improved security over WPA2.

Answer: Smart Card + PIN
Explanation: MFA should use two different authentication factors, such as "something you have" (smart card) and "something you know" (PIN).

Answer: Input validation
Explanation: Input validation ensures that user-supplied data does not include malicious SQL commands.

Answer: Whaling
Explanation: Whaling is a targeted phishing attack aimed at executives or high-profile individuals.

Answer: Worm
Explanation: Worms replicate themselves across networks without user intervention, often degrading system performance.

Answer: Recovery
Explanation: Once containment and eradication are complete, recovery ensures that systems return to operational status, restoring data and services.

Correct Answer: Brute-force attack
Explanation: A brute-force attack involves trying multiple username-password combinations to gain unauthorized access. The widespread login attempts suggest an automated attack.

Correct Answer: Disable USB ports in BIOS or Group Policy
Explanation: Disabling USB ports or restricting USB device access through Group Policy prevents unauthorized copying of sensitive data.

Correct Answer: To collect, analyze, and correlate security logs
Explanation: SIEM systems centralize log collection and use analytics to detect potential security threats.

Correct Answer: Phishing
Explanation: Phishing attacks trick users into providing sensitive information by pretending to be a trusted entity.

Correct Answer: Smart card and PIN
Explanation: MFA requires multiple authentication factors, such as something the user has (smart card) and something they know (PIN).

Correct Answer: Users receive permissions based on their job roles
Explanation: RBAC grants permissions based on a user’s job function, minimizing unnecessary access.

Correct Answer: Data exfiltration by malware
Explanation: Large unexpected outbound data transfers often indicate that malware or an attacker is stealing data.

Correct Answer: Network address translation (NAT)
Explanation: NAT hides internal IP addresses from external attackers, making network reconnaissance more difficult.

Correct Answer: Ensure business continuity after a security incident
Explanation: A DRP focuses on restoring business operations as quickly as possible after a disruption.

Correct Answer: Zero-day attack
Explanation: A zero-day attack exploits a previously unknown vulnerability before a patch is available.

Correct Answer: Public key infrastructure (PKI)
Explanation: PKI enables secure email communication using encryption and digital certificates.

Correct Answer: Integrity
Explanation: Integrity ensures that data is not altered or tampered with by unauthorized users.

Correct Answer: Geolocation-based access restrictions
Explanation: Restricting logins based on geographical location helps prevent unauthorized access.

Correct Answer: Disabling unused services and ports
Explanation: Reducing the number of services and open ports minimizes potential entry points for attackers.

Correct Answer: Man-in-the-middle attack
Explanation: A man-in-the-middle attack occurs when an attacker intercepts and alters communication between two parties.

Correct Answer: Using long passwords with a mix of characters
Explanation: Complex passwords with length, uppercase/lowercase letters, numbers, and symbols enhance security.

Correct Answer: Encrypt the data before storing it in the cloud
Explanation: Encrypting data before cloud storage ensures that even if it is accessed by unauthorized parties, it remains unreadable.

Correct Answer: Use input validation and parameterized queries
Explanation: Validating user inputs and using parameterized queries prevent SQL injection attacks.

Correct Answer: Identify and classify the incident
Explanation: The first step in incident response is identifying and categorizing the issue to determine the appropriate action.

Correct Answer: Biometric authentication
Explanation: Fingerprint scanning is a form of biometric authentication, which verifies identity based on physical characteristics.