Question 501
An organization determines that an end-user has clicked on a malicious link. Which of the following would MOST effectively prevent similar situations from recurring?
Question 502
Ongoing tracking of remediation efforts to mitigate identified risks can BEST be accomplished through the use of which of the following?
Question 503
An organization's information security manager is performing a post-incident review of a security incident in which the following events occurred:
* A bad actor broke into a business-critical FTP server by brute forcing an administrative password
* The third-party service provider hosting the server sent an automated alert message to the help desk, but was ignored
* The bad actor could not access the administrator console, but was exposed to encrypted data transferred to the server
* After three hours, the bad actor deleted the FTP directory, causing incoming FTP attempts by legitimate customers to fail Which of the following could have been prevented by conducting regular incident response testing?
* A bad actor broke into a business-critical FTP server by brute forcing an administrative password
* The third-party service provider hosting the server sent an automated alert message to the help desk, but was ignored
* The bad actor could not access the administrator console, but was exposed to encrypted data transferred to the server
* After three hours, the bad actor deleted the FTP directory, causing incoming FTP attempts by legitimate customers to fail Which of the following could have been prevented by conducting regular incident response testing?
Question 504
Which of the following is the MOST important consideration when securing customer credit card data acquired by a point-of-sale (POS) cash register?
Question 505
The MOST appropriate owner of customer data stored in a central database, used only by an organization's sales department, would be the: