A security architect implements segmentation on an enterprise network to restrict lateral movement of attackers. Which of the following best describes this security strategy?

An attacker exploits an unprotected API to gain unauthorized access to cloud-hosted customer data. Which cloud security issue does this represent?

A security analyst at a multinational corporation needs to share indicators of compromise (IoCs) related to a recent ransomware attack with other companies in the same industry. Which standard should they use?

A malware sample executes normally in a test environment but automatically terminates itself when run inside a sandboxed virtual machine. What technique is the malware using?

A financial institution notices that attackers have maintained access to their network for several months, exfiltrating sensitive customer data in small, hard-to-detect amounts. Which type of attack is this?

A company adopts NIST’s Cybersecurity Framework to improve its security posture. Which function focuses on detecting threats?

An attacker uses a tool to capture unencrypted wireless traffic from a public Wi-Fi network. Which attack is being performed?

An attacker precomputes hashes of common passwords and uses them to crack hashed credentials. Which attack is this?

An attacker exploits unsecured default credentials on an IoT camera to gain remote access. Which security control was missing?

A hacker discovers a zero-day vulnerability in a web application and uses it to execute commands on the backend database. Which attack is this?

After a ransomware attack, a company successfully removes the malware but loses critical data due to encrypted backups. Which security measure would have prevented this?

A government-backed hacking group steals intellectual property from foreign companies over an extended period. Which threat actor category best describes this group?

An attacker steals a private key used for encrypting sensitive emails. Which attack can now be performed?

A fully updated computer is infected with malware that is executed entirely in memory without leaving traces on the hard drive. What type of malware is this?

An attacker impersonates the CEO and sends an urgent email to an employee, requesting a wire transfer to an offshore account. Which attack method is being used?

A company uses SaaS applications for sensitive data processing. An employee accidentally shares a confidential document with a public link. Which security risk has occurred?

A company replaces traditional passwords with a system that requires cryptographic keys stored in hardware security modules (HSMs). Which authentication method is being used?

A hacker modifies logs on a compromised server to erase evidence of unauthorized access. Which security principle has been violated?

An attacker follows an employee into a secure facility after the employee scans their badge. Which type of attack is this?

A cybersecurity analyst notices unexpected DNS requests originating from a compromised machine. The requests appear to be encoded and contain unusual payloads. Which attack technique is most likely being used?