Questions Fully Solved 2026.
A police department employee has access to data related to an ongoing investigation. A local politician
whom the employee supports has come under investigation. The employee accesses the data relating to
the investigation and provides the file to the politician anonymously. How should this behavior be
classified? - Answer Corruption
An IT manager implements security measures at the organization, network, application, and employee
levels. Which approach to security is the manager using? - Answer Layered Security
A new startup tech company plans to provide secure wireless access within its office for employees and
other trusted visitors. The company has concerns about competitors eavesdropping or compromising the
connections and obtaining unauthorized access to the company's intellectual property. The company is
considering using Wireless Protected Access 2 (WPA2) to secure data in transit. Which protocol does this
wireless protection implement? - Answer AES (Advanced Encryption Standard)
A Federal Bureau of Investigation (FBI) agent monitors a telephone conversation between a 12-year-old
child and the child's stepfather. The monitoring is part of a criminal investigation. A warrant was not
obtained prior to commencement of the monitoring. Which law or regulation did the agent violate? -
Answer Wiretap Act
A U.S. company launched an e-commerce platform in the European Union (EU). The board of directors
raised concerns about compliance with applicable privacy regulations and the collection of customer
information. Which regulation applies to this scenario? - Answer General Data Protection Regulation
(GDPR)
A social media website collected personal information about consumers when they subscribed to the
service. Subscribers opted in or out before creating their online profiles. Which European Union Data
Protection Directive did the website follow? - Answer Choice
A company is engaged as a third party to perform debt collection on behalf of a telecommunications
provider. The company operates an outbound call center to contact debtors and set up payment
arrangements. The company needs to ensure that the debtors' data privacy is not at risk. Which two
areas should the company ensure are properly managed? - Answer Network Security // Insider Access
, A company is using software to track workforce operational activity. Management communicates that
the data collected will be treated as sensitive. Administrative and technical security measures are put in
place to protect employee data. These measures include periodically culling records that are no longer
relevant. Which additional measure should be taken to safeguard employee data from misuse? - Answer
Limit who can view employee data
A retail company experiences a data breach. Customer data is stolen, including credit card numbers,
names, addresses, and account passwords. The attackers have amassed enough combinations of
personally identifiable information (PII) to commit identity theft. Which adverse impacts, in addition to
the loss of business, does the company face? - Answer Reputational damage and the need to provide
support for victims.
An attending physician at a local hospital receives an email with a link that appears to be from a
neighboring clinic. When the physician clicks the link, computers throughout the hospital freeze, and
patient information can no longer be accessed. A message appears demanding payment of five bitcoins
within 48 hours to decrypt the hospital database and threatening that without payment, all information
will be deleted. Which type of exploit is this? - Answer Ransomware
What is the cause of the rise in computer-related security issues, particularly among small- and medium-
sized businesses? - Answer Bring Your Own Device (BYOD) Policies
A company is notified of a breach of its systems. An investigation reveals that although no financial
information was taken, the customer records for all its customers, including names, email addresses, and
passwords, may have been taken. Although it is uncertain whether the records were taken, evidence
suggests that the intruders accessed the database containing the information. The investigation team
indicates that, given six weeks, they will be able to identify what, if anything, has been tak - Answer
Notify all customers that there may have been a data breach
A government contractor is rebuilding a telecommunications network. One of the contractor's
employees discovers that the company is participating in illegal and unethical acts to defraud the
government. The employee considers filing a lawsuit against the company on behalf of the government.
Which law protects the employee if the lawsuit is filed? - Answer False Claims Act
An organization enters customer information in different formats, styles, and varieties into a database.
Two customers placed an order on January 12, 2022, but one customer's purchase date is entered as