Infrastructure Security Assessment
Comprehensive Review Actual Exam 2026/2027
with Detailed Rationales | Complete Exam-Style
Questions | Pass Guaranteed – A+ Graded
══════════════════════════════════════
SECTION 1: CYBERSECURITY FUNDAMENTALS & RISK MANAGEMENT Q1 – Q10
══════════════════════════════════════
Question 1 of 50
A regional healthcare organization is preparing for a HIPAA audit and discovers that several
patient records were modified by an unauthorized user who gained access through a
compromised clinician credential. The organization must classify this incident based on the
impact to information security principles. Which principle was primarily violated, and what
additional principle is at risk if the modified records are used for clinical decision-making?
A. Confidentiality was violated, and integrity is at risk if modified records influence treatment
decisions
B. Availability was violated, and confidentiality is at risk if the records remain accessible to
unauthorized parties
C. Integrity was violated, and availability is at risk if the system must be taken offline for
remediation ✓ CORRECT
D. Non-repudiation was violated, and confidentiality is at risk if audit logs cannot verify user
actions
Correct Answer: C
Rationale: The incident is described as unauthorized modification of patient records, which is
the textbook violation of integrity; the unauthorized access also breached confidentiality, but
the stem asks which principle the modification primarily violated. Availability is the additional
principle at risk: once records may have been altered, the affected system or records must be
isolated, compared against backups or the audit trail, and restored from a known-good state
before clinicians can rely on them, so the records are effectively unavailable for clinical
decision-making until their integrity is re-established. Option A inverts the two principles.
Option D names non-repudiation, which the compromised credential does undermine (the audit
trail attributes the attacker's actions to the clinician), but that is a consequence of the credential
compromise rather than the principle violated by the modification, and its second clause does not
address the clinical use of the records at all. In practice, a credential compromise requires
immediate credential revocation, forensic review of the audit trail to scope which records were
read or changed, and integrity verification of the affected records before they return to clinical
use.
Question 2 of 50
During a quarterly risk assessment, a financial services firm identifies that its legacy payment
processing system lacks encryption for data in transit between branch offices and the central
data center. The risk register currently rates this as "High" due to the sensitivity of payment
card data. The CISO proposes replacing the leased lines with an MPLS VPN and
implementing TLS 1.3 for all inter-branch communications. Which risk treatment strategy is
the CISO proposing, and what residual risk consideration remains?
A. Risk acceptance, with residual risk managed through cyber insurance coverage for
payment card breaches
B. Risk mitigation, with residual risk remaining from potential TLS implementation
vulnerabilities or misconfigurations ✓ CORRECT
C. Risk transfer, with residual risk managed through contractual liability clauses with the
MPLS provider
D. Risk avoidance, with no residual risk since the legacy system will be fully decommissioned
Correct Answer: B
Rationale: The CISO is proposing risk mitigation: deploying technical controls (an MPLS VPN
for network segregation and TLS 1.3 for encryption in transit) to reduce the likelihood and
impact of the identified risk, which is the standard treatment for a high risk that cannot be
eliminated outright. Note that MPLS itself provides traffic separation, not encryption, so the
confidentiality of the payment card data rests on the TLS layer. Residual risk always remains
after mitigation because no control is perfect: the TLS deployment could have implementation
flaws, certificate management gaps, or misconfigurations such as still permitting older protocol
versions or weak cipher suites. Risk practitioners should validate residual risk through
penetration testing and continuous configuration monitoring after the controls are deployed.
Question 3 of 50
An energy sector organization is adopting the NIST Cybersecurity Framework (CSF) 2.0 to
align its security program with industry best practices. The security team has completed an
asset inventory and vulnerability assessment but has not yet established formal incident
response procedures or business continuity plans. Which CSF 2.0 function best describes the
current state of the organization's security posture, and which function represents the most
critical gap?
A. The current state aligns with the Protect function, and the most critical gap is in the Detect
function
B. The current state aligns with the Identify function, and the most critical gap is in the
Respond function ✓ CORRECT
C. The current state aligns with the Govern function, and the most critical gap is in the
Recover function
D. The current state aligns with the Detect function, and the most critical gap is in the Protect
function
Correct Answer: B
Rationale: The NIST CSF 2.0 Identify function covers asset management and risk assessment,
which matches the organization's completed inventory and vulnerability assessment work. The
missing business continuity plans are a gap in the Recover function, but the absence of formal
incident response procedures is the more critical gap because it sits in the Respond function,
which is what lets the organization contain an incident and limit its business impact; recovery
planning presupposes that incidents can first be managed. Organizations in critical
infrastructure sectors like energy should prioritize Respond function maturity because
regulatory reporting requirements and operational continuity demands make incident response
capability non-negotiable.
Question 4 of 50
A threat modeling session for a new e-commerce mobile application reveals that attackers
could exploit insecure direct object references to access other customers' order histories by
manipulating URL parameters. The development team is debating whether to implement
server-side authorization checks or client-side input validation. Which approach correctly
addresses the threat, and why is the alternative insufficient?
A. Client-side input validation is correct because it prevents malicious requests from
reaching the server, while server-side checks add unnecessary latency
B. Server-side authorization checks are correct because the server cannot trust
client-submitted data, while client-side validation can be bypassed ✓ CORRECT
C. Both approaches are equally effective when implemented together, as defense in depth
requires validation at every layer
D. Input sanitization is correct because it removes malicious characters from URL
parameters, while authorization checks are overly restrictive
Correct Answer: B
Rationale: Server-side authorization checks are the only reliable defense against insecure
direct object references because the server must independently verify that the authenticated
user has permission to access the requested resource, regardless of what the client submits.
Client-side validation can be trivially bypassed by attackers who intercept and modify HTTP
requests using proxy tools like Burp Suite or custom scripts, making it ineffective as a
security control. In secure development lifecycle practices, server-side authorization should
always enforce the principle of least privilege for every data access request.
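The server-side check the rationale calls for, as an added example that is not part of the exam page: a minimal order-history lookup in Python with the vulnerable handler beside the fixed one, plus a model of the proxy-tampered request that defeats client-side checks. The in-memory order store, the shop.example host, the handler and user names, and the request shape are all constructed for illustration.

```python
# Added example (not from the exam page): an insecure direct object reference
# in an order-history lookup, beside the server-side authorization fix.
# The order store, the shop.example host, and all names are constructed.
from dataclasses import dataclass
from urllib.parse import parse_qs, urlparse


@dataclass(frozen=True)
class Order:
    order_id: int
    owner: str          # username of the customer who placed the order
    items: tuple


# Constructed sample data standing in for the orders table.
ORDERS = {
    1001: Order(1001, "alice", ("widget",)),
    1002: Order(1002, "bob", ("gadget", "cable")),
}


class HttpError(Exception):
    """Carries the HTTP status the handler would return."""

    def __init__(self, status):
        super().__init__(status)
        self.status = status


def parse_order_id(url):
    """Server-side input validation: order_id must be a single positive integer.
    This rejects malformed input but decides nothing about who may read the order."""
    values = parse_qs(urlparse(url).query).get("order_id", [])
    if len(values) != 1 or not values[0].isdigit():
        raise HttpError(400)
    return int(values[0])


def build_client_request(session_user, order_id):
    """Client-side 'validation': the app only offers the user their own order ids
    and returns the URL it would send. An attacker with an intercepting proxy
    never goes through this function, so it is not a security control."""
    own_ids = {o.order_id for o in ORDERS.values() if o.owner == session_user}
    if order_id not in own_ids:
        raise ValueError("client refuses to build this request")
    return f"https://shop.example/orders?order_id={order_id}"


def get_order_vulnerable(session_user, url):
    """IDOR: trusts the client-supplied id and never checks ownership."""
    order = ORDERS.get(parse_order_id(url))
    if order is None:
        raise HttpError(404)
    return order


def get_order_secure(session_user, url):
    """Fix: authorize against the server-side session identity, not the request.
    Missing and foreign orders both answer 404 so the endpoint does not confirm
    which order ids exist for other customers."""
    order = ORDERS.get(parse_order_id(url))
    if order is None or order.owner != session_user:
        raise HttpError(404)
    return order


def tampered_lookup(session_user, handler, raw_id):
    """Models the attack: a logged-in user edits order_id in a proxy and sends
    the request directly. Returns the owner of the order that was disclosed,
    or the HTTP status the server answered with."""
    url = f"https://shop.example/orders?order_id={raw_id}"
    try:
        return handler(session_user, url).owner
    except HttpError as err:
        return err.status


if __name__ == "__main__":
    # alice's legitimate request works through the fixed handler
    print(get_order_secure("alice", build_client_request("alice", 1001)))
    # alice reads bob's order through the vulnerable handler ...
    print(tampered_lookup("alice", get_order_vulnerable, 1002))   # bob
    # ... but not through the fixed one
    print(tampered_lookup("alice", get_order_secure, 1002))       # 404
```

Note that `parse_order_id` is still server-side input validation and still belongs in the fixed handler; it rejects malformed input but says nothing about who may read the order, which is why option D's sanitization answer is insufficient. Answering 404 rather than 403 for another customer's order is a deliberate choice so the endpoint does not confirm which order ids exist.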
Question 5 of 50
A manufacturing company is evaluating its supply chain risk after a critical vendor suffered a
ransomware attack that disrupted component deliveries for three weeks. The company had
previously rated this vendor as low risk because the components were not classified as
sensitive. Which risk assessment error occurred, and what adjustment should the company
make to its risk methodology?
A. The company failed to assess reputational risk, and should add reputational impact
scoring to all vendor evaluations
B. The company failed to assess operational dependency risk, and should evaluate business
continuity impact regardless of data sensitivity classification ✓ CORRECT
C. The company failed to assess compliance risk, and should mandate SOC 2 Type II reports
from all vendors
D. The company failed to assess financial risk, and should require vendors to carry cyber
insurance with the company named as beneficiary
Correct Answer: B
Rationale: The company made a fundamental risk assessment error by equating low data
sensitivity with low overall risk, ignoring the operational dependency on timely component
delivery that directly impacts manufacturing continuity. Risk methodologies must evaluate
business continuity impact for all critical vendors regardless of whether they handle sensitive
data, because operational disruption can cause revenue loss, contractual penalties, and
market position damage. Mature supply chain risk programs use business impact analysis to
identify single points of failure and establish alternative sourcing strategies before
disruptions occur.
Question 6 of 50
During an annual penetration test, a red team successfully exfiltrates sensitive customer data
from a retail organization's database by exploiting a SQL injection vulnerability in the web
application's search function. The organization's risk register had previously documented SQL
injection as a "Medium" risk because the web application firewall was believed to provide
adequate protection. Which risk management process failure is most evident in this
scenario?
A. The risk treatment plan failed because the WAF was not properly configured with updated
rule sets
B. The risk assessment failed because it relied on a compensating control rather than
addressing the root vulnerability ✓ CORRECT
C. The risk monitoring failed because the penetration test was conducted annually rather
than continuously
D. The risk communication failed because the red team findings were not shared with the
development team
Correct Answer: B
Rationale: The risk assessment fundamentally failed by rating SQL injection as "Medium"
based on the presence of a WAF rather than evaluating the inherent vulnerability of the
application itself, violating the principle that compensating controls should not substitute for
secure design. A WAF is a detective and preventive compensating control that can be
bypassed through encoding, novel attack vectors, or configuration gaps, making it insufficient