^{In the context of cybersecurity policies, there is a principle that mandates granting employees the minimum level of access necessary to perform their job functions. For instance, an IT support staff member may have access to troubleshooting tools but not to financial records or executive emails. This practice, which aims to reduce the risk of unauthorized actions or security breaches, is referred to as ___________.}

A Separaton of dutes

B Dual operator policy

C Least privilege

D Single operator policy

_{which of the following is NOT a category of digital evidence}

A  Network logs

B  Emails

C  Eyewitness testimony

D  Social media posts

_{Chosen-ciphertext attack (CCA) is a more powerful attack than chosen-plaintext attack (CPA) because the attacker can manipulate the ciphertext before decryption. True or False?}

(a) True

(b) False

_{NIST Cybersecurity Framework (CSF) provides a voluntary framework for managing cybersecurity risk.  The framework identifies five core functions.  Which function focuses on identifying, detecting, and responding to security events?}

A Identify

B Protect

C  Detect

D Respond and Recover

_{A red team engagement simulates a real-world cyberattack scenario.  The red team has gained initial access to a user's workstation.  Their objective is to achieve domain administrator privileges on a critical server.  Which of the following attack techniques would be the MOST effective for achieving this goal?}

A Brute-forcing local administrator password on the compromised workstation.

B Launching a watering hole attack to target other users within the domain.

C Exploiting a known privilege escalation vulnerability on the compromised workstation. 

D Deploying ransomware on the compromised workstation to disrupt operations.

^{In the context of networking, particularly in the OSI model, which term is used to describe the unique identifier assigned to a device at the network layer for communication purposes?}

A Logical Address

B Physical Address

C Memory Address

D Main Address

_{Which of the following tools is commonly used for memory forensics in cybersecurity investigations?}

A Wireshark

B EnCase

C Volatility

D Aircrack-ng

_{Post-quantum cryptography (PQC) is a field of cryptography that aims to develop algorithms resistant to attacks by quantum computers. Why are quantum computers a threat to current encryption methods?}

A They can easily factor large prime numbers used in RSA encryption

B They can bypass firewalls.

C They can brute-force passwords much faster.

D They can steal data directly from memory.

_{SOC 2 reports are issued by independent auditors to assess a service organization's security controls.  There are two main types of SOC 2 reports: SOC 2 Type 1 and SOC 2 Type 2.  Which type of SOC 2 report provides a more in-depth examination of a service organization's controls over a period of time?}

A SOC 2 Type 1

B SOC 2 Type 2

C SOC 2 Extended Report

D SOC 2 Comprehensive Report

_{A hacker wants to modify the firmware of a specific embedded system.  They lack the manufacturer's original scheme and development tools.  Which of the following techniques would be MOST helpful in achieving this goal?}

A Brute-force password attacks on the device's user interface.

B Reverse engineering the device's firmware to understand its functionality. 

C  Exploiting a known software vulnerability within the embedded system.

D Purchasing a similar device and modifying its firmware for the target system

_{Among the following cyberattacks, which one prioritizes establishing long-term, covert access to a network for espionage or data exfiltration, frequently utilizing social engineering tactics to gain an initial foothold and employing sophisticated, custom-designed malware to ensure persistence?}

A Advanced Persistent Threat (APT)

B Denial-of-Service (DoS) attack

C Fileless attack

D Ransomware attack

_{What is the primary purpose of using a hardware security module (HSM) in a cybersecurity infrastructure?}

A To manage digital certificates

B To securely store and manage cryptographic keys

C To perform real-time network traffic analysis

D To provide secure remote access to network resources

_{What is the purpose of channel hopping in Wi-Fi networks?}

A To increase the range of the signal.

B To improve data transfer speeds.

C To avoid interference from other Wi-Fi networks. 

D To enhance security by making it harder for attackers to track packets.

_{A company operates in two EEA countries with slightly different data protection laws.  One country requires a Data Protection Officer (DPO) appointment for all companies handling personal data, while the other only mandates it for companies above a certain size threshold.  The company falls below the size threshold in the second country.  Does the company need to appoint a single DPO to cover both countries?}

A  Yes, a single DPO can manage compliance for both countries.

B  No, the company only needs a DPO in the country with the mandatory requirement.

C  The answer depends on the specific differences between the two countries' laws. 

D The company can choose which country's DPO appointment requirements to follow.

_{A penetration tester needs to bypass a physical security measure (e.g., badge reader) protecting a server room.  They cannot exploit any logical vulnerabilities in the access control system itself.  Which of the following techniques would be the MOST effective for gaining unauthorized access?}

A Launching a social engineering attack to trick an authorized employee into granting access.

B Tailgating an authorized employee entering the server room.

C Picking the lock on the server room door using traditional lockpicking tools.

D Jamming the badge reader signal to bypass its functionality.