Practice Exam Newest 2026 Questions and
Correct Detailed Answers Already Graded A+
The information technology department in a large organization is implementing a
new system where the system allows, determines, and enforces various resources
based on predefined company guidelines.
Which concept is the department implementing?
AAA
Zero trust
Authorization models
Policy-driven access control - CORRECT ANSWER-Policy-driven access control
What social engineering technique involves the threat actor committing resources
to accurately duplicate a company's logos, formatting, and communication style
to make a phishing message or fake website visually compelling and convincing?
Brand impersonation
Spear phishing
,Vishing
Pharming - CORRECT ANSWER-Brand impersonation
The success of asymmetric encryption is MOST dependent upon which of the
following?
The secrecy of the key
The complexity of the ciphertext
The secrecy of the algorithm
The integrity of the individuals who created the cryptosystem - CORRECT
ANSWER-The secrecy of the key
Which command should you use to display listening and non-listening sockets on
your Linux system? (Tip: enter the command as if in Command Prompt.) -
CORRECT ANSWER-netstat -a
A risk manager for a company providing IT support services conducts a business
impact analysis (BIA) and identifies a mission essential function (MEF) that relies
on a server with a mean time between failures (MTBF) of 2,500 hours and a mean
time to repair (MTTR) of 4 hours.
,Given a maximum tolerable downtime (MTD) of 24 hours and a recovery time
objective (RTO) of 6 hours for this function, what should the risk manager
prioritize in the risk management strategy?
Increasing the MTD for the function.
Improving the MTBF of the server.
Reducing the MTTR of the server.
Extending the RTO for the function. - CORRECT ANSWER-Reducing the MTTR
of the server
You are the IT Security Manager at a healthcare organization. The organization
frequently uses removable media devices like USB drives to transfer patient data
between different departments.
Given the sensitive nature of the data, you are tasked with ensuring the data
remains secure during transfer.
What is the MOST effective way to achieve this?
Regularly update the operating systems and all installed applications on the
computers that will be used to transfer the data.
Install the latest antivirus software on all computers that will be used to transfer
the data.
, Implement a strict password policy for all users who will have access to the data.
Encrypt the data on the removable media devices. - CORRECT ANSWER-
Encrypt the data on the removable media devices.
A cloud storage company wants to ensure that it stores user data in the same
country as the user's physical location.
Which factor is the cloud storage company primarily considering here?
Data classification
Data integrity
Geolocation
Data sovereignty - CORRECT ANSWER-Geolocation
A new hire has just joined the IT department of a large organization. The human
resources (HR) department assigns the employee an initial set of credentials for
accessing the company network.
However, the new hire requires additional access to other systems within the
company network.
Given this context, which of the following represents the MOST accurate example
of implementing the principle of least privilege in this organization?