Which of the following may authorize an organization to monitor an employee’s company computer and phone usage?
Which of the following measurements indicates there may be bias in the forecast model?
The Cloud Security Alliance (CSA) publishes the Egregious Eleven, a list of common threats to organizations using cloud services. According to the CSA Egregious Eleven, which of the following cases falls under the category of misconfiguration and inadequate change control?
A security team member is assessing an organization’s backup strategy that follows the 3-2-1 rule. How many different types of media should they inspect to validate?
A security practitioner has been asked to investigate the presence of customer Personally Identifiable Information (PII) on a social media website. Where does the practitioner begin?
Who is ultimately responsible for ensuring that specific data is protected?
What is the MAIN privacy risk raised by federated identity solutions?
An organization has determined that it needs to retain customer records for at least thirty years to discover generational trends in customer behavior. However, relevant local regulation requires that all Personally Identifiable Information (PII) is deleted after expiration of the customer's engagement with the organization, which is usually no longer than one year. How should the data be handled at the expiration of customer engagement at one year?
An organization provides customer call center operations for major financial services organizations around the world. As part of a long-term strategy, the organization plans to add healthcare clients to the portfolio. In preparation for contract negotiations with new clients, to which cybersecurity framework(s) should the security team ensure the organization adhere?
While doing a penetration test, auditors found an old credential hash for a privileged user. To prevent a privileged user's hash from being cached, what is the MOST appropriate policy to mandate?
The Information Technology (IT) manager of a large organization has been tasked with implementing a distributed third-party Identity as a Service (IDaaS). The local security team is concerned that the Identity Provider (IdP) and resource provider have direct connectivity outside of enterprise control. Which of the following authentication methods BEST addresses this concern?
An organization experienced multiple compromises of endpoints, leading to breaches of systems and data. In updating its strategy to defend against these threats, which of the following BEST considers the organization’s needs?
Which of the physiological biometric scanning methods is considered the MOST invasive?
During a security incident investigation, a security analyst discovered an unauthorized module was compiled into an application package as part of the application assembly phase. This incident occurred immediately prior to being digitally signed and deployed using a deployment pipeline. Which of the following security controls would BEST prevent this type of incident in the future?