An attacker captures an encrypted password hash and uses precomputed values to crack it. Which attack method is being used?

A company is experiencing ransomware attacks that encrypt critical business files. Which control is the best long-term defense?

A company implements a policy where no user or device is automatically trusted, even within the corporate network. Which security model does this follow?

An attacker injects malware into a third-party software update that is then distributed to multiple organizations. Which attack is this?

A company deploys IoT devices that require constant monitoring. Which security measure should be implemented first?

A company digitally signs all outgoing emails to verify their authenticity. Which technology is being used?

Which of the following prevents unauthorized applications from running on a corporate mobile device?

A security analyst reviews SIEM logs and notices multiple failed login attempts from different IP addresses in a short time frame. Which attack is most likely occurring?

A company enforces password history and complexity rules to prevent employees from reusing weak passwords. What type of attack does this mitigate?

A security administrator disables unused switch ports to prevent unauthorized network connections. What type of control is this?

A company uses a tool that detects unauthorized changes to critical system files. Which security control is in place?

A security consultant gains access to a corporate network but is unable to escalate privileges due to limited user permissions. Which type of test was conducted?

An attacker creates a rogue access point that tricks users into connecting by mimicking the company’s Wi-Fi network. Which attack is this?

An attacker follows an employee into a secured building without providing credentials. What type of attack is this?

A developer implements input sanitization to prevent attackers from injecting scripts into web pages viewed by users. Which type of attack is being mitigated?

A security team gathers indicators of compromise (IoCs) from a government cybersecurity agency to improve defenses. What type of intelligence is this?

An attacker modifies DNS records to redirect users to a fake banking website. What type of attack is this?

A company utilizes serverless computing for its applications and does not manage any underlying infrastructure. Which cloud deployment model is being used?

A hacker gains access to a system as a low-level user but then exploits a vulnerability to obtain administrator privileges. What type of attack is this?

A security analyst detects ongoing malicious activity on a company’s network. The team has identified the infected systems and determined that multiple machines have been compromised. What is the next step in the incident response process?