Engineering Exam 2026 | Questions With
Verified Answers
1. A security team notices traffic coming from a country where the
organization does not have any business operations. Which of the
following could this be an indicator of?
a) High call volume
b) Odd network traffic
c) Geographic anomalies
d) Unauthorized changes
Correct Answer: c) Geographic anomalies
2. Which solution will notify a security team automatically in the event of
future malware variants invading the network?
a) Security information and event management (SIEM) alerts
b) Data loss prevention (DLP) alerts
c) Antivirus alerts
d) Syslog alerts
Correct Answer: c) Antivirus alerts
3. A company has recently experienced a data breach from an insider
threat. The insider accessed sensitive information stored in the
administrator account from their user account and was not in a
supervisory role. Which policy should the company implement?
a) Password complexity policy
b) Least privilege
c) Separation of duties
d) Job rotation
Correct Answer: b) Least privilege
4. A government agency is planning a hybrid cloud deployment. Strict
controls must label classified data, and access rights must be granted
based on the user's government security classification. Which access
control model should be used?
a) Role-Based Access Control (RBAC)
b) Mandatory Access Control (MAC)
c) Attribute-Based Access Control (ABAC)
d) Discretionary Access Control (DAC)
Correct Answer: b) Mandatory Access Control (MAC)
5. A security architect is designing a strategy to help continue operating
in the face of a cyber-attack. Which three actions help accomplish this
objective? (Select three)
a) Heterogeneity
b) Clustering
c) COA development
d) Migrating to the cloud
Correct Answer: a) Heterogeneity, b) Clustering, c) COA development
6. Which data type should be used to calculate 90% of the retail price of
an item?
a) Boolean
b) Auto-number
c) Floating-point
d) String
Correct Answer: c) Floating-point
7. How should a security analyst detect a potential structured query
language (SQL) injection attack?
a) By looking for extra and unexpected symbols and characters in certain
queries
b) By looking for repeated failed login attempts to the database server
c) By looking for database primary key changes on the production
environment
d) By looking for administrative command attempts within database log
files
Correct Answer: a) By looking for extra and unexpected symbols and
characters in certain queries
8. A cybersecurity analyst conducted a vulnerability assessment and
discovered multiple vulnerabilities on the company's webpage. The CISO
decided not to fix the discrepancies due to the vulnerabilities being
outside of the organization's resources. Which risk mitigation strategy is
demonstrated?
a) Accept
b) Mitigate
c) Avoid
d) Transfer
Correct Answer: a) Accept
9. A company has discovered a vulnerability in its DNS that could allow
attackers to redirect users to malicious websites. What is the most
effective risk management strategy?
a) Implementing DNSSEC to digitally sign DNS responses
b) Increasing the frequency of DNS server patching
c) Conducting regular security awareness training on phishing risks
d) Restricting DNS access to trusted IP addresses only
Correct Answer: a) Implementing DNSSEC to digitally sign DNS
responses
10. What is single sign-on (SSO)?
a) Using multiple authentication credentials for one account
b) Using one authentication credential to access multiple accounts or
applications
c) A protocol for encrypting email communications
d) A type of firewall configuration
Correct Answer: b) Using one authentication credential to access
multiple accounts or applications. In Windows this is provided by the
Kerberos framework.