Correct Answer: Use a sandbox environment
Explanation: A sandbox provides an isolated environment to safely execute and analyze potentially malicious files.

Correct Answer: BitLocker
Explanation: BitLocker is a full-disk encryption feature used to protect data stored on a system’s hard drive.

Correct Answer: S/MIME
Explanation: Secure/Multipurpose Internet Mail Extensions (S/MIME) is used for encrypting and digitally signing emails, ensuring confidentiality and integrity.

Correct Answer: Access control lists (ACLs)
Explanation: Technical controls, like ACLs, are implemented through technology to protect systems and data.

Correct Answer: To collect, analyze, and report on security-related data from various sources
Explanation: SIEM systems aggregate and analyze security data to identify potential threats and support incident response.

Correct Answer: Overwhelming a target system with traffic from multiple sources
Explanation: DDoS attacks involve multiple systems flooding a target with traffic, causing service disruptions.

Correct Answer: The remaining risk after implementing security controls
Explanation: Residual risk is the leftover risk after security measures have been applied.

Correct Answer: It enhances security by requiring multiple forms of verification
Explanation: MFA requires users to provide two or more verification factors, increasing security beyond single-factor authentication.

Correct Answer: Brewer-Nash model
Explanation: Also known as the Chinese Wall model, it prevents conflicts of interest by restricting access based on user roles and data classifications.

Correct Answer: To verify the authenticity and integrity of a message or document
Explanation: Digital signatures ensure that a message or document has not been altered and confirm the identity of the sender.

Correct Answer: SSH
Explanation: SSH (Secure Shell) provides a secure channel over an unsecured network, allowing secure management of network devices.

Correct Answer: A previously unknown security flaw that is exploited before a fix is available
Explanation: Zero-day vulnerabilities are unknown to the software vendor and can be exploited by attackers before a patch is developed.

Correct Answer: Biometric access systems
Explanation: Physical security controls, like biometric systems, restrict physical access to facilities or equipment, enhancing overall security.

Correct Answer: To manage and distribute digital certificates
Explanation: PKI is a framework for creating, managing, distributing, and revoking digital certificates, facilitating secure electronic communications.

Correct Answer: A technique used to trick individuals into divulging sensitive information
Explanation: Phishing involves fraudulent communications, often emails, that appear to come from reputable sources to steal sensitive data.

Correct Answer: Worm
Explanation: A worm is a standalone malware that replicates itself to spread to other computers, often exploiting vulnerabilities without user action.

Correct Answer: To block unauthorized access while permitting authorized communications
Explanation: A firewall controls incoming and outgoing network traffic based on predetermined security rules, acting as a barrier between trusted and untrusted networks.

Correct Answer: Users are granted the minimum access necessary to perform their duties
Explanation: The principle of least privilege ensures users have only the access necessary for their job functions, reducing potential security risks.

Correct Answer: To isolate public-facing servers from the internal network
Explanation: A DMZ is a network segment that separates public-facing services from the internal network, enhancing security by limiting external access to internal systems.

Correct Answer: AES
Explanation: AES (Advanced Encryption Standard) is a symmetric encryption algorithm, meaning it uses the same key for both encryption and decryption.