Which of the following describes availability when referring to the CIA Triad? Options: Data are permanently deleted after use by authorized individuals. Data are only accessible by authorized individuals. Data are accurate and trustworthy when being viewed by authorized individuals. Data are accessible when required by authorized individuals.

Which of the following is a potential effect of a breach involving data from a government system? Members of the public could have their PII compromised. The government will be able to access additional resources. Private industries will be given access to more government contracts. The government will reduce their spending on security features.

Which of the following describes a state adversary?

A risk manager is running a risk assessment for their organization. They have gathered all the assets that are in the scope of assessment and determined the value for each asset. What should be the risk manager's next step in the risk assessment?

Which of the following is an example of a hardware vulnerability for a device? A device that uses insecure APIs. A device that allows unsanitized user inputs. A device that has imported third-party libraries. A device with out-of-date firmware.

Which of the following proactive strategies help a cybersecurity professional determine threats that could impact a system they are trying to protect? They can run system health checks. They can set up user access controls. They can implement multi-factor authentication. They can think like an adversary would.

Which of the following would be an example of something that might show up on a quantitative security vulnerability risk analysis? Options: The chance of a laptop being damaged is high. The probability of a laptop’s battery going bad is 4%. The impact of a laptop screen cracking is “critical”. The cost to replace a stolen laptop would be $800.