Correct Answer: Password history policy
Explanation: A password history policy prevents users from reusing previous passwords, reducing the risk of compromised credentials.

Correct Answer: Credential stuffing attack
Explanation: Credential stuffing uses stolen username-password pairs to attempt logins on multiple services.

Correct Answer: Enable database encryption
Explanation: Database encryption ensures that stored data remains secure, even if unauthorized access occurs.

Correct Answer: Multifactor authentication (MFA)
Explanation: MFA requires two or more factors, such as a smart card (something you have) and a PIN (something you know), to enhance security.

Correct Answer: Zero-day attack
Explanation: Zero-day attacks exploit vulnerabilities before vendors release security patches.

Correct Answer: VPN
Explanation: A Virtual Private Network (VPN) encrypts remote connections, providing secure access to corporate resources.

Correct Answer: S/MIME
Explanation: S/MIME allows email encryption and digital signatures to ensure authenticity and confidentiality.

Correct Answer: NTP
Explanation: The Network Time Protocol (NTP) ensures synchronized timestamps across all systems, improving log consistency.

Correct Answer: Data Loss Prevention (DLP)
Explanation: DLP solutions monitor and restrict data transfers to prevent unauthorized data leakage.

Correct Answer: Replay attack
Explanation: A replay attack involves capturing and resending data packets to impersonate a legitimate user.

Correct Answer: Distributed denial-of-service (DDoS)
Explanation: A DDoS attack floods a target with traffic from multiple sources, overwhelming system resources.

Correct Answer: Privilege escalation
Explanation: Privilege escalation exploits software flaws to gain higher access privileges than originally granted.

Correct Answer: Cross-site scripting (XSS)
Explanation: XSS occurs when an attacker injects malicious scripts into web pages viewed by other users.

Correct Answer: BitLocker
Explanation: BitLocker provides full-disk encryption, protecting all data on a lost or stolen device.

Correct Answer: Spear phishing
Explanation: Spear phishing targets specific individuals with deceptive emails to steal credentials or deploy malware.

Correct Answer: Between the firewall and the internal network
Explanation: An IPS should be placed between the firewall and internal network to actively monitor and block threats before they reach internal systems.

Correct Answer: DNS poisoning
Explanation: DNS poisoning (or DNS spoofing) manipulates DNS records to redirect users to malicious sites.

Correct Answer: Preventing unauthorized network access
Explanation: 802.1X provides port-based authentication, ensuring that only authorized devices can connect to the network.

Correct Answer: Zero Trust architecture
Explanation: Zero Trust requires continuous verification of user identity and device compliance, ensuring only trusted devices and users can access sensitive data.

Correct Answer: Brute-force attack
Explanation: A brute-force attack attempts multiple password combinations until access is gained, leading to account lockouts due to too many failed attempts.