Correct Answer:

Correct Answer:

Correct Answer:

Correct Answer: B

Implementing a Single Sign-On (SSO) solution and integrating it with applications is the best way to manage the situation and decrease risks. Here's why:

Reduced Password Fatigue: SSO allows users to log in once and gain access to multiple applications and systems without needing to remember and manage multiple passwords. This reduces the likelihood of users writing down passwords.

Improved Security: By reducing the number of passwords users need to manage, SSO decreases the attack surface and potential for password-related security breaches. It also allows for the implementation of stronger authentication

methods. User Convenience: SSO improves the user experience by simplifying the login process, which can lead to higher productivity and satisfaction.

References:

Correct Answer: B

Building playbooks for different scenarios and performing regular table-top exercises directly addresses the issues identified in the lessons-learned review. Here's why: Lost important information for further analysis: Playbooks outline step-by-step procedures for incident response, ensuring that team members know exactly what to document and how to preserve evidence. Did not utilize the chain of communication: Playbooks include communication protocols, specifying who to notify and when. Regular table-top exercises reinforce these communication channels, ensuring they are followed during actual incidents. Did not follow the right steps for a proper response: Playbooks provide a clear sequence of actions to be taken during various types of incidents, helping the team to respond in a structured and effective manner. Regular exercises allow the team to practice these steps, identifying and correcting any deviations from the plan. Investing in better forensic tools (Option A) or requiring certifications (Option C) are also valuable, but they do not directly address the procedural and communication gaps identified. Publishing and enforcing the incident response policy (Option D) is important but not as practical and hands-on as playbooks and exercises in ensuring the team is prepared. References: CompTIA Security+ Study Guide NIST SP 800-61 Rev. 2, "Computer Security Incident Handling Guide" SANS Institute, "Incident Handler's Handbook"

Correct Answer: A

The situation where several employees were contacted by the same individual impersonating a recruiter best describes a spear-phishing campaign. Here's why:

Targeted Approach: Spear-phishing involves targeting specific individuals within an organization with personalized and convincing messages to trick them into divulging sensitive information or performing actions that compromise security.

Impersonation: The use of impersonation, in this case, a recruiter, is a common tactic in spear-phishing to gain the trust of the targeted individuals and increase the likelihood of a successful attack. Correlated Contacts: The fact that several

employees were contacted by the same individual suggests a coordinated effort to breach the organization's security by targeting multiple points of entry through social engineering.

Correct Answer: E

The technique that best addresses the issue of insider threats from employees who have individual access to encrypted material is key splitting. Here's why:

Key Splitting: Key splitting involves dividing a cryptographic key into multiple parts and distributing these parts among different individuals or systems. This ensures that no single individual has complete access to the key, thereby mitigating

the risk of insider threats.

Increased Security: By requiring multiple parties to combine their key parts to access encrypted material, key splitting provides an additional layer of security. This approach is particularly useful in environments where sensitive data needs to

be protected from unauthorized access by insiders. Compliance and Best Practices: Key splitting aligns with best practices and regulatory requirements for handling sensitive information, ensuring that access is tightly controlled and

monitored.

References:

By employing key splitting, organizations can effectively reduce the risk of insider threats and enhance the overall security of encrypted material.

Correct Answer: C

Tokenization: Tokenization replaces sensitive payment card data with a non-sensitive token that has no meaningful value outside the specific context of the tokenization system. This method ensures that even if the

Correct Answer: D

Correct Answer: B