W836 Pre-Assessment Fundamentals of Information Security Exam V1 | Questions and Verified Answers | Grade A | 2023/2024 Update (70 Q&A)
QUESTION
An organization wants to minimize the impact of user credential theft by ensuring that only HR
staff can access employee personal information.
Which security mechanism should it implement?
Answer:
Apply the principle of least privilege
QUESTION
An organization wants to prevent malware from infecting its workstations, mobile devices, and
web applications.
Which security tool should it implement?
Answer:
Antivirus
QUESTION
A small IT firm is required to authenticate remote customers who access the firm’s network.
Which protection technique should the IT firm employ to satisfy this requirement?
Answer:
Certificates
QUESTION
A company has files stored on a server that are critical to the organization’s viability. The
administrator has assigned the appropriate permissions to the files.
How should the administrator provide additional confidentiality protection for the files at rest?
Answer:
File encryption
QUESTION
Which security solution can an organization deploy to prevent unauthorized external access to its
internal network?
Answer:
Firewall
QUESTION
A restaurant needs to protect its customers’ credit card information.
Which security standard should the restaurant follow?
Answer:
PCI DSS
QUESTION
In addition to a username and corresponding password, a desktop application asks users to
submit a special code. This code is produced by an application running on the users’ mobile
phone.
Which authentication technique is the phone application providing?
Answer:
Something you have
QUESTION
Employees are required to swipe their access cards and then to use an iris scanner to access
protected areas in the company’s data center.
Which two authentication techniques are used to protect the data center?
Answer:
Something you have and something you are
QUESTION
A health company must comply with HIPAA regulations. It decides to encrypt databases that
contain HIPAA information.
Which resource is the health company directly trying to protect?
Answer:
Data
QUESTION
A file is stored in a marketing folder and is accessible only to members of the marketing group.
An attacker uses a phishing scam to gain the credentials of a user who is a member of the
marketing group, and then reads the file.
Which leg of the CIA triad is being targeted?
Answer:
Confidentiality
QUESTION
An attacker performs a buffer overflow attack on an organization’s web server. The web server
locks up and must be restarted to restore functionality.
Which part of the CIA triad is under attack?
Answer: