Practice Test Questions

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.Which one of the following security principles does NOT describe a standard best practice in cybersecurity?A. Security through obscurity B. Least privilege C. Separation of duties D. Defense in depthCorrect Answer: ASecurity through obscurity is an outdated concept that says that the security of a control may depend upon the secrecy of the details of that control's inner function. Security professionals should not use controls that rely upon security through obscurity. The principles of least privilege, separation of duties, and defense in depth are all sound security practices.Interested in more practice test questions?Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test!...

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.After an incident responder identifies that a security incident is in progress, what is the next step in the incident response process?A. Preparation B. Recovery C. Eradication D. ContainmentCorrect Answer: DAfter identifying an incident, the team should next move into the containment phase where they seek to limit the damage caused by the incident. Containment occurs prior to the eradication and recovery phases. The preparation phase occurs before incident identification.Interested in more practice test questions?Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test!...

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.Paula is reviewing her organization's account management lifecycle.  She is paying particular attention to the timeliness of account management activities and would like to prioritize areas that have the greatest risk.  Which one of the following activities should be her highest priority?A. Access modifications B. Onboarding C. Access reviews D. OffboardingCorrect Answer: DThe offboarding process is the area of greatest risk to the organization because failure to execute deprovisioning activities in a prompt manner may mean that employees who have left the organization retain access to sensitive information or systems.Interested in more practice test questions?Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test!...