Availability can be protected through the use of redundancy, backups, and business continuity management. This is because these measures help to ensure that systems, data, and services are accessible and functional at all times, even in the event of a disruption or disaster. The other options are not directly related to protecting availability, but rather focus on enhancing confidentiality (A), integrity C, or awareness (D).
Question 47
Which of the following is the SLOWEST method of restoring data from backup media?
Correct Answer: D
Explanation The SLOWEST method of restoring data from backup media is an incremental backup. This is because an incremental backup is a type of backup that only copies the files that have been created or modified since the previous backup, whether it was a full or an incremental backup. An incremental backup makes the restoration process slower, as it requires restoring multiple backups in a specific order and sequence, starting from the last full backup and then applying each incremental backup until the desired point in time is reached. The other options are not methods of restoring data from backup media that are slower than an incremental backup, but rather different types of backup procedures that copy files based on different criteria, such as monthly backup (A), full backup (B), or differential backup C.
Question 48
Which of the following BIST enables continuous identification and mitigation of security threats to an organization?
Correct Answer: B
A security operations center (SOC) is a centralized unit that monitors, detects, analyzes, and responds to cyber threats and incidents in real time. A SOC enables continuous identification and mitigation of security threats to an organization by using various tools, processes, and expertise.
Question 49
When reviewing user management roles, which of the following groups presents the GREATEST risk based on their permissions?
Correct Answer: A
When reviewing user management roles, the group that presents the GREATEST risk based on their permissions is privileged users. This is because privileged users are users who have elevated or special access rights or permissions to systems or resources, such as administrators, superusers, root users, etc. Privileged users present the greatest risk based on their permissions, because they can perform actions or operations that can affect the security, availability, or functionality of systems or resources, such as installing or uninstalling software, modifying or deleting files, granting or revoking access rights, etc. Privileged users can also abuse or misuse their permissions for malicious or unauthorized purposes, such as stealing or leaking sensitive data, sabotaging systems or services, bypassing security controls, etc. The other options are not groups that present the greatest risk based on their permissions, but rather different types of users that may have different levels of access rights or permissions to systems or resources, such as database administrators (B), terminated employees C, or contractors (D).
Question 50
Which of the following is a MAIN benefit of using Security as a Service (SECaaS) providers?
Correct Answer: A
A MAIN benefit of using Security as a Service (SECaaS) providers is that significant investments and specialized security skills are not required. SECaaS is a type of cloud service model that provides security solutions and services to customers over the internet. SECaaS providers can offer various security functions such as antivirus, firewall, encryption, identity management, vulnerability scanning, and incident response. By using SECaaS providers, customers can save costs and resources on acquiring, maintaining, and updating security hardware and software. Customers can also leverage the expertise and experience of the SECaaS providers to address their security needs and challenges.
