An amusement park is implementing a biometric system that validates customers' fingerprints to ensure they
are not sharing tickets. The park's owner values customers above all and would prefer customers' convenience
over security. For this reason, which of the following features should the security team prioritize FIRST?


A. Low FAR
B. Low efficacy
C. Low FRR
D. Low CER

An organization has hired a red team to simulate attacks on its security posture. Which of the following will the
blue team do after detecting an IoC?


A. Reimage the impacted workstations.
B. Activate runbooks for incident response.
C. Conduct forensics on the compromised system.
D. Conduct passive reconnaissance to gather information.

Which of the following is the GREATEST security concern when outsourcing code development to third-party
contractors for an internet-facing application?


A. Intellectual property theft
B. Elevated privileges
C. Unknown backdoor
D. Quality assurance

Which of the following is the MOST effective control against zero-day vulnerabilities?


A. Network segmentation
B. Patch management
C. Intrusion prevention system
D. Multiple vulnerability scanners

An organization wants to participate in threat intelligence information sharing with peer groups. Which of the
following would MOST likely meet the organization's requirement?


A. Perform OSINT investigations.
B. Subscribe to threat intelligence feeds.
C. Submit RFCs.
D. Implement a TAXII server.

A company suspects that some corporate accounts were compromised. The number of suspicious logins from
locations not recognized by the users is increasing. Employees who travel need their accounts protected
without the risk of blocking legitimate login requests that may be made over new sign-in properties. Which of
the following security controls can be implemented?


A. Enforce MFA when an account request reaches a risk threshold.
B. Implement geofencing to only allow access from headquarters.
C. Enforce time-based login requests that align with business hours.
D. Shift the access control scheme to a discretionary access control.

Which of the following is the BEST example of a cost-effective physical control to enforce a USB removable
media restriction policy?


A. Putting security/antitamper tape over USB ports, logging the port numbers, and regularly inspecting the
ports

B. Implementing a GPO that will restrict access to authorized USB removable media and regularly verifying
that it is enforced

C. Placing systems into locked, key-controlled containers with no access to the USB ports
D. Installing an endpoint agent to detect connectivity of USB and removable media

Which of the following describes the continuous delivery software development methodology?


A. Waterfall
B. Spiral
C. V-shaped
D. Agile

A company wants to restrict emailing of PHI documents. The company is implementing a DLP solution. In order to restrict PHI documents, which of the following should be performed FIRST?


A. Retention
B. Governance
C. Classification
D. Change management