Domain 4.0 Security Operations
Assessment Questions and Answers
Guide (already passed) Latest 2025
Network security baselines - Correct Answers ✅The IT
team of a medium-sized business is planning to enhance
network security. They want to enforce minimum security
controls and configurations across all network devices,
including firewalls, routers, and switches. What should they
establish to achieve this objective?
Sanitizing the servers - Correct Answers ✅A tech company
is in the process of decommissioning a fleet of old servers. It
wants to ensure that sensitive data stored on these servers is
fully eliminated and is not accessible in the event of
unauthorized attempts. What primary process should the
company implement before disposing or repurposing these
servers?
Using MDM solutions to centrally control employees' mobile
devices - Correct Answers ✅An organization has
implemented a Bring Your Own Device (BYOD) policy, allowing
employees to use their personal mobile devices for work-
related tasks. Aware of the varying legal ramifications and
privacy concerns across different jurisdictions related to
controlling personal devices, the organization seeks to
enhance the security of these devices within the constraints
of these legal and privacy issues. Considering this context,
which of the following measures would be the MOST effective
way to navigate these complexities while striving to secure
employees' mobile devices under the BYOD policy?
,Domain 4.0 Security Operations
Assessment Questions and Answers
Guide (already passed) Latest 2025
CVSS - Correct Answers ✅An organization is creating a
quick reference guide to assist team members when
addressing common vulnerabilities and exposures across the
enterprise. What does the Forum of Incident Response and
Security Teams maintain that generates metrics of a score
from 0 to 10?
It can create, modify, or delete individual user accounts.
It can create, modify, or delete individual users' access rights
across IT systems. - Correct Answers ✅A cyber architect
explores various methods to assign needed access for newly-
hired employees or employees who have transitioned to a
new role. What are the benefits associated with user
provisioning? (Select the two best options.)
Decrease in network latency - Correct Answers ✅Which of
the following options is NOT a challenge typically
encountered while implementing web filtering solutions in an
enterprise?
Passwordless authentication - Correct Answers ✅The IT
department at a medium-sized company is exploring ways to
enhance its authentication methods to improve security. They
want to choose an authentication approach that balances
security and user convenience. Which authentication method
eliminates the need for passwords and provides a secure way
, Domain 4.0 Security Operations
Assessment Questions and Answers
Guide (already passed) Latest 2025
of verifying a user's identity based on the device's hardware
or software characteristics?
It refers to the process of removing sensitive information from
storage media to prevent unauthorized access or data
breaches.
Its process uses specialized techniques, such as data wiping,
degaussing, or encryption. - Correct Answers ✅Upon
receiving new storage media drives for the department, an
organization asks a software engineer to dispose of the old
drives. When considering the various methods, what
processes does sanitization involve? (Select the two best
options.)
Simulation - Correct Answers ✅Following an incident in
which a company's incident response plan (IRP) failed, the
response team makes several updates and changes to the
IRP. The CEO wants to test the IRP with a realistic incident
using an attacking team, a defending team, and moderating
team, and is not concerned with costs and planning. Which
IRP exercise is the BEST option while meeting the CEO's
expectations?
Adjust scanner config based on log review
Assessment Questions and Answers
Guide (already passed) Latest 2025
Network security baselines - Correct Answers ✅The IT
team of a medium-sized business is planning to enhance
network security. They want to enforce minimum security
controls and configurations across all network devices,
including firewalls, routers, and switches. What should they
establish to achieve this objective?
Sanitizing the servers - Correct Answers ✅A tech company
is in the process of decommissioning a fleet of old servers. It
wants to ensure that sensitive data stored on these servers is
fully eliminated and is not accessible in the event of
unauthorized attempts. What primary process should the
company implement before disposing or repurposing these
servers?
Using MDM solutions to centrally control employees' mobile
devices - Correct Answers ✅An organization has
implemented a Bring Your Own Device (BYOD) policy, allowing
employees to use their personal mobile devices for work-
related tasks. Aware of the varying legal ramifications and
privacy concerns across different jurisdictions related to
controlling personal devices, the organization seeks to
enhance the security of these devices within the constraints
of these legal and privacy issues. Considering this context,
which of the following measures would be the MOST effective
way to navigate these complexities while striving to secure
employees' mobile devices under the BYOD policy?
,Domain 4.0 Security Operations
Assessment Questions and Answers
Guide (already passed) Latest 2025
CVSS - Correct Answers ✅An organization is creating a
quick reference guide to assist team members when
addressing common vulnerabilities and exposures across the
enterprise. What does the Forum of Incident Response and
Security Teams maintain that generates metrics of a score
from 0 to 10?
It can create, modify, or delete individual user accounts.
It can create, modify, or delete individual users' access rights
across IT systems. - Correct Answers ✅A cyber architect
explores various methods to assign needed access for newly-
hired employees or employees who have transitioned to a
new role. What are the benefits associated with user
provisioning? (Select the two best options.)
Decrease in network latency - Correct Answers ✅Which of
the following options is NOT a challenge typically
encountered while implementing web filtering solutions in an
enterprise?
Passwordless authentication - Correct Answers ✅The IT
department at a medium-sized company is exploring ways to
enhance its authentication methods to improve security. They
want to choose an authentication approach that balances
security and user convenience. Which authentication method
eliminates the need for passwords and provides a secure way
, Domain 4.0 Security Operations
Assessment Questions and Answers
Guide (already passed) Latest 2025
of verifying a user's identity based on the device's hardware
or software characteristics?
It refers to the process of removing sensitive information from
storage media to prevent unauthorized access or data
breaches.
Its process uses specialized techniques, such as data wiping,
degaussing, or encryption. - Correct Answers ✅Upon
receiving new storage media drives for the department, an
organization asks a software engineer to dispose of the old
drives. When considering the various methods, what
processes does sanitization involve? (Select the two best
options.)
Simulation - Correct Answers ✅Following an incident in
which a company's incident response plan (IRP) failed, the
response team makes several updates and changes to the
IRP. The CEO wants to test the IRP with a realistic incident
using an attacking team, a defending team, and moderating
team, and is not concerned with costs and planning. Which
IRP exercise is the BEST option while meeting the CEO's
expectations?
Adjust scanner config based on log review
