A cybersecurity professional employs a strategy to mislead attackers by deploying a network of decoy servers and systems. These are intended to mimic the organization’s real systems to detect, deflect, or study attacks. This strategy is known as:

In an effort to infiltrate a secure facility, an attacker followed closely behind an authorized employee without being noticed, gaining unauthorized access. This method is called:

An attacker gathers discarded documents from a company’s external trash bins to find useful information about the company’s network infrastructure. This type of attack is known as:

During a routine security audit, it was found that attackers had managed to install malware on a networked printer within an organization’s premises to intercept printed documents. This incident underscores the importance of securing which of the following?

An organization implemented a policy where employees must authenticate using something they know (a password) and something they have (a security token). This security measure is an example of:

An employee received a text message from what appeared to be their bank, asking them to verify their account details via a link provided in the message. This type of attack is known as:

An employee receives an urgent email from what appears to be the company’s CEO, asking for immediate transfer of funds for a confidential deal. Which of the following best describes this attack?

A company’s security system detects an unauthorized device attempting to connect to the corporate network. The device is isolated and upon further investigation, it is found to be a rogue access point installed by an employee in their office. This scenario demonstrates a failure in what type of security control?

After noticing several employees receiving phishing emails, the IT department sent out a fake phishing email to educate and identify employees who might need additional training. This practice is known as:

After noticing several employees receiving phishing emails, the IT department sent out a fake phishing email to educate and identify employees who might need additional training. This practice is known as:

An organization’s senior executive received a personalized email containing a link to what was claimed to be a confidential report but instead led to a credential harvesting site. This is an example of:

A security analyst receives an alert from the SIEM system indicating a sudden spike in outbound traffic. Further investigation reveals that sensitive company data is being sent to an external IP address. This scenario is indicative of:

A security analyst notices an unusual pattern of requests to the DNS server from an internal source, attempting to redirect users to malicious websites. This is indicative of which type of attack?

A cybersecurity team discovered an attack where malicious actors created nearly identical domain names to a popular online shopping site to trick users into entering their credentials. This attack is known as:

During a recent security review, it was discovered that an attacker had been able to gather a significant amount of detailed information about the company’s network infrastructure through careful observation of an employee working in a coffee shop. This method is known as:

During a routine inspection of network traffic, a security analyst discovers irregular DNS lookups that do not align with the organization’s normal operations. This irregular activity is attempting to communicate with known malicious external IPs. This scenario is indicative of:

During an audit, it was discovered that an attacker had successfully changed the website’s DNS records stored on the DNS server, causing the website’s traffic to be redirected to a malicious site. This incident is an example of:

A cybersecurity analyst notices an increase in traffic to a specific website frequently visited by the company’s employees. Further investigation reveals that the website has been compromised and is now serving malware, specifically targeting the company’s network. This technique is known as:

An organization received an invoice from a vendor it frequently uses, but the bank account details were changed to direct payments to an account controlled by cybercriminals. This scam is known as:

To enhance security awareness, a company creates a fake phishing website mimicking the login page of the company’s employee portal. Employees are directed to the site via an internal training module to see if they enter their credentials. This method is known as:

An organization’s security systems detect an attempt to use malicious SQL queries through the company website’s search box, aiming to manipulate the backend database. This attack is classified as:

An organization’s finance department received a sophisticated email targeting the CFO, claiming to be from a regular contractor requesting payment to a new account due to alleged banking issues. This targeted attempt is called:

To gather intelligence before launching a cyber-attack, criminals use social media platforms to collect information about an organization’s employees, key projects, and internal jargon. This preparatory phase is known as:

A group of hackers targeted a multinational corporation by launching a sophisticated influence campaign on social media to manipulate stock prices. This is an example of:

A cybersecurity analyst discovers an unauthorized access point with the same SSID as the corporate network. This setup is likely an attempt at:

A security analyst is reviewing the firewall logs and notices an attempt to exploit a known vulnerability in the web server’s software. The logs indicate that the attack was blocked by the firewall’s intrusion prevention system (IPS). This scenario is an example of which type of security control?

A social engineer manipulates an employee over the phone to divulge their login credentials by pretending to be a member of the IT department fixing an issue. This tactic is known as:

A cybersecurity analyst is reviewing log files and notices multiple login attempts to the company’s cloud infrastructure from an unrecognized location, indicating a possible:

To prevent unauthorized physical access to a data center, the facility installed a security system that requires a swipe card and a PIN code to enter. This security measure is an example of:

An IT manager received an email that appeared to come from a well-known software vendor. The email claimed that the company’s software licenses were about to expire and provided a link to renew them. However, the link directed the manager to a fraudulent website designed to steal credentials. This type of attack is:

To improve the security posture of their email system, an organization implements a technique that verifies if an incoming email’s domain matches the IP address it was sent from. This technique helps mitigate which of the following?

To gain unauthorized access to a company’s premises, an attacker impersonates a courier delivery person, complete with a uniform and fake ID, convincing the front desk personnel to let them enter without proper verification. This scenario exemplifies: