Sec+2

A tech company, InnovateTech, has recently faced multiple incidents of unauthorized personnel trying to access their R&D labs. They wish to monitor and record all activities near the entrance of this sensitive area. Which physical security measure would be most effective for this requirement?

A cybersecurity analyst at XYZ Corp is looking to deploy a system that appears to be vulnerable and enticing to attackers. The main goal is to study the tactics, techniques, and procedures (TTPs) of potential adversaries, without them realizing that they’re interacting with a decoy. Which of the following would BEST meet this requirement?

A multinational organization recently experienced a significant security breach. After investigating, it was determined that a change to the network infrastructure was made without undergoing the standard approval process. As a result, there was a misconfiguration which allowed unauthorized access. What security principle related to change management did the organization neglect?

After a series of cyber-attacks on a company’s infrastructure, the IT team decided to deploy a solution that would seem like a legitimate part of their network but is intentionally isolated and monitored. They intend to detect and analyze malicious activities in this isolated environment. What technology are they most likely implementing?

Liam, the CTO of a medium-sized enterprise, noticed that several software applications were not updated regularly, leading to potential security vulnerabilities. Upon investigation, he realized that no specific team or individual was assigned as the owner of these applications. To enhance security, what should Liam emphasize?

TechSoft Corp, a mid-sized software development firm, is relocating its main office to a new building. The management is concerned about potential threats after hours, particularly due to the increasing reports of cyber-espionage. They are evaluating different security measures. Which option would provide an immediate physical presence and deterrence during non-business hours?

Alice, a system administrator for a startup, is preparing to deploy a new website for her company. To ensure secure communications between the users and the website, she plans to obtain a digital certificate for the site. Before doing so, which step must Alice first undertake to get a certificate from a Certificate Authority (CA)?

Julia, a security administrator, is concerned about potential unauthorized access to confidential project files stored on a company server. She decides to place a document within the project folders that seems enticing but is actually monitored for access. This strategy aims to detect if someone is accessing files without authorization. What is this document commonly known as?

After a recent incident of vandalism, a corporate building is considering implementing security controls that would dissuade potential perpetrators. Which of the following would serve BEST as a deterrent control?

Alice wants to access a restricted online portal. The portal asks her to enter a unique username and a secret passphrase only she should know. This process helps the system ensure that Alice is who she claims to be. What security concept is the portal employing?