This type of encryption only affects a section of a storage device.
File-level Encryption
Database Encryption
Full-disk Encryption
Partition Encryption
Partition Encryption
Which mitigation technique involves shutting off specific entry and exit points in a system to prevent potential vulnerabilities or unauthorized access?
Disabling ports
Segmentation
Encryption
Monitoring
Disabling ports
Jensen Innovations LLC is redesigning its network infrastructure to support its expanding R&D team. Which of the following strategies will MOST effectively lessen the attack surface?
Allowing most inbound and outbound traffic
Disabling unnecessary services and protocols
Implementing a single-layered security approach
Using the same password for all devices
Disabling unnecessary services and protocols
Which of the following BEST describes the initial step to ensure a secure procurement process at Dion Training?
Collaborate with the IT department for installation.
Determine the software's compatibility with existing systems.
Check for discounts or bulk pricing.
Verify the legitimacy of the software vendor.
Verify the legitimacy of the software vendor.
Which of the following terms is used to describe the specific level of risk an organization is prepared to accept in pursuit of its objectives?
Risk appetite
Risk tolerance
Risk acceptance
Risk capacity
Risk acceptance
Chris, a lawyer, needs to send a contract to their client for signature. They want to ensure that the client cannot later deny signing the contract. Which of the following methods can they use to prevent the client from denying that they have signed the contract?
Encryption
A cryptographic primitive
Firewalls
Digital Signature
Digital Signature
Which of the following are hardware issues that result from products that are no longer being made or supported, but are still usable?
Legacy vulnerability
End-of-life vulnerability
Hardware cloning
Hardware tampering
End-of-life vulnerability
Kelly Innovations LLC wants to implement a network appliance that focuses on filtering traffic based on source and destination IP addresses, and port numbers. Which layer of the OSI model is this appliance primarily operating at?
Layer 4
Layer 2
Layer 3
Layer 5
Layer 4
Which of the following BEST describes how automation and orchestration in cybersecurity operations influence employee satisfaction and retention?
Decreases the demand for cybersecurity professionals.
Reduces repetitive and mundane tasks.
Directly increases salary packages.
Facilitates frequent role rotation among teams.
Reduces repetitive and mundane tasks.
In a meeting with the CEO, Burton has asked for guidance on developing the rules of engagement for an upcoming penetration test. The CEO doesn't think they need to create rules of engagement since they are hiring an experienced, well-respected company to do the penetration testing. Why is it important for the company to still establish rules of engagement?
They need to know the total costs of the penetration test.
They need the names of all personnel who will be involved in the penetration test.
They need to set boundaries and limitations during the penetration test.
They need to set the timeline for later penetration tests.
They need to set boundaries and limitations during the penetration test.
MDR Innovations Corp, an IT company, is implementing a process of encryption where two parties establish a shared secret for communication purposes. Which of the following MOST accurately describes this process?
Symmetric encryption
Asymmetric encryption
Key exchange
Hashing
Key exchange
A tech company discovers that the firmware in some of their devices contains a hidden backdoor. Upon investigation, it's determined that the compromised firmware came from an overseas supplier they contracted with. The backdoor gave attackers remote access to devices without user knowledge. What type of attack vector has the company fallen victim to?
Supply Chain
Bluesnarfing
Drive-by download
On-path attack
Supply Chain
Kellen & Boevi Security Services has recommended your company use a port-based system to prevent access by unauthorized users and devices. Which of the following are they recommending?
Fail-open
802.1X
Fail-closed
IDS
802.1X
While performing a digital investigation, which of the following statements BEST describes the role of preservation of evidence?
It maintains the integrity of digital evidence over time.
It allocates budgetary resources for the forensic investigation.
It allows investigators to prioritize evidence collection.
It provides legal teams with a roadmap for case strategy.
It maintains the integrity of digital evidence over time.
Which of the following BEST describes the Software Development Life Cycle (SDLC) in application security?
It replaces the need for regular software updates and patches.
It emphasizes the integration of security in software creation and maintenance.
It only considers security during the testing and creation phases of software development.
It primarily focuses on the speed of software delivery over security.
It emphasizes the integration of security in software creation and maintenance.
Which of the following terms emphasizes the mathematical structure used to scramble data so that only a specific key can unscramble it?
Digital signature
Encryption algorithm
Hash function
Cipher block
Encryption algorithm
Which of the following mitigation techniques can help enforce compliance with security standards and policies on a system or network by designating programs that are allowed to run and blocking all other programs from being run?
Least Privilege
Patching
Application allow list
Configuration Enforcement
Application allow list
Which of the following hardening techniques can help protect systems or devices from attacks by installing software like a firewall or antivirus directly on user devices to report and block potential attacks?
Patching
Changing Default Passwords
Least Privilege
Installation of endpoint protection
Installation of endpoint protection
When a legal organization routinely communicates with clients via email containing sensitive case details, which strategy would be the MOST effective to secure the communications?
Conducting regular user cybersecurity training
Implementation of end-to-end encrypted email
Utilization of VPNs for email transmission
Deployment of regular data backups to secure cloud storage
Implementation of end-to-end encrypted email
If a company's server has an estimated Single Loss Expectancy (SLE) of $15,000 due to an operational failure, and the Annual Rate of Occurrence (ARO) of these failures is expected to be 0.1 times per year, what is the Annual Loss Expectancy (ALE)?
$1,500
When considering the RSA algorithm, which description BEST captures its underlying mathematical property used for public key cryptography?
Trapdoor function
Symmetric encryption
Hash function
Digital signature
Trapdoor function
Which of the following vulnerabilities BEST describes a situation where a threat actor can manipulate data after it has been verified by an application, but before the application uses it for a specific operation?
Resource exhaustion
Memory leaks
Race conditions
Time-of-check (TOC)
Time-of-check (TOC)
A power plant utilizes a specialized system to manage and monitor its daily operations, including machinery and sensor feedback. While these systems offer centralized control, what security concern is most associated with them?
Runtime efficiency constraints.
Constrained memory use.
Optimization for containerized deployments.
Limited security update capabilities.
Limited security update capabilities.
Reed, a cybersecurity specialist at Dion Training Solutions, is optimizing the company's IPS. He notes that while signature-based detection is highly effective against known threats, it has some limitations. Which of the following BEST describes a limitation of signature-based detection in an IPS?
It requires substantial network bandwidth to operate.
It encrypts network traffic to hide malicious signatures.
It might not detect zero-day exploits.
It automatically updates with behavioral patterns of users.
It might not detect zero-day exploits.
Florence is the CEO of a company. She has the final say over all decisions made regarding the business, IT, accounting, and other departments. What type of governance does Florence's company have?
Committee governance
Decentralized governance
Board governance
Centralized governance
Centralized governance