A. An action that causes damage to a system.

B. A weakness that can be exploited by threats.

C. A protective measure against cyberattacks.

D. A process for encrypting sensitive data.

Confidentiality, Integrity, and Availability.

Control, Identification, and Authorization.

Cryptography, Intrusion Detection, and Access Control.

Compliance, Inspection, and Authentication.

Phishing

Denial of Service (DoS)

Brute Force Attack

Man-in-the-Middle Attack

A. Principle of Least Privilege

B. Zero Trust Security

C. Defense-in-Depth

D. Single Sign-On

To remove outdated hardware components

To make a system more resilient against attacks

To allow external users easier access

To decrease the complexity of security controls

A. A hacker using brute force to guess passwords.

B. An employee leaking confidential data to competitors.

C. A botnet performing a denial-of-service attack.

D. A phishing attack targeting an organization's employees.

A. A short-lived attack that exploits system misconfigurations.

B. A low-level threat that affects individual devices.

C. A continuous, stealthy attack by a skilled adversary.

D. A ransomware attack that encrypts data and demands payment.