Miguel, a professional hacker, targeted an organization to gain illegitimate access to its critical information.
He identified a flaw in the end-point communication that can disclose the target application's data.
Which of the following secure application design principles was not met by the application in the above scenario?
Johnson, an attacker, performed online research for the contact details of reputed cybersecurity firms. He found the contact number of sibertech.org and dialed the number, claiming himself to represent a technical support team from a vendor. He warned that a specific server is about to be compromised and requested sibertech.org to follow the provided instructions. Consequently, he prompted the victim to execute unusual commands and install malicious files, which were then used to collect and pass critical Information to Johnson's machine. What is the social engineering technique Steve employed in the above scenario?
Kasen, a cybersecurity specialist at an organization, was working with the business continuity and disaster recovery team. The team initiated various business continuity and discovery activities in the organization. In this process, Kasen established a program to restore both the disaster site and the damaged materials to the pre-disaster levels during an incident.
Which of the following business continuity and disaster recovery activities did Kasen perform in the above scenario?
Tristan, a professional penetration tester, was recruited by an organization to test its network infrastructure. The organization wanted to understand its current security posture and its strength in defending against external threats. For this purpose, the organization did not provide any information about their IT infrastructure to Tristan. Thus, Tristan initiated zero-knowledge attacks, with no information or assistance from the organization.
Which of the following types of penetration testing has Tristan initiated in the above scenario?
GlobalTech, a multinational tech conglomerate, has been operating across 50 countries for the past two decades. Recently, it faced a significant data breach that affected Its reputation and bottom line. As a result, the board of directors decided to overhaul its existing corporate strategy, with a pronounced focus on enhancing its Information Security Governance. The company believes that a robust governance structure would not only prevent future breaches but would also align with its long-term business objectives of expansion and dominance in the tech market. It has called upon several third-party consultants to pitch an optimal strategy for the conglomerate's unique position.
Which strategy best aligns with GlobalTech's requirement?
