Which of the following security best practices should a web developer reference when developing a new web- based application?
During which phase of a vulnerability assessment would a security consultant need to document a requirement to retain a legacy device that is no longer supported and cannot be taken offline?
Which standard was implemented in the United States to protect the privacy of patient medical information through restricted access to medical records and regulations for sharing medical records?
Which of the following are legally compliant forensics applications that will detect an alternative data stream (ADS) or a file with an incorrect file extension? (Choose two.)
A security investigator has detected an unauthorized insider reviewing files containing company secrets.
Which of the following commands could the investigator use to determine which files have been opened by this user?
An administrator investigating intermittent network communication problems has identified an excessive amount of traffic from an external-facing host to an unknown location on the Internet. Which of the following
BEST describes what is occurring?
Which two answer options are the BEST reasons to conduct post-incident reviews after an incident occurs in an organization? (Choose two.)
The "right to be forgotten" is considered a core tenet of which of the following privacy-focused acts or regulations?
A suspicious script was found on a sensitive research system. Subsequent analysis determined that proprietary data would have been deleted from both the local server and backup media immediately following a specific administrator’s removal from an employee list that is refreshed each evening. Which of the following BEST describes this scenario?
After a hacker obtained a shell on a Linux box, the hacker then sends the exfiltrated data via Domain Name System (DNS). This is an example of which type of data exfiltration?
TESTED 02 Apr 2025
