Question $1$

$\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_$ is the technique for identifying open ports and services available on a specific host. Hackers use this technique to find information for malicious purposes.

Question $2$

Deciding between a hot site and a cold site can become a difficult process, depending on your priorities. If your priority is cutting costs, then you probably would want to go with a $\_\_\_\_\_\_\_\_.$ However, if your industry does not allow for downtime in recovering data, it could be vital to settling on a $\_\_\_\_\_\_.$

Question $3$

DMZ is a physical$/$logical subnet that keeps untrusted networks $($i$.$e$.,$ internet$)$ from the internal local area network $($LAN$).$ External$-$facing servers and resources are located outside the DMZ$.$ Thus, they can be accessed from the internet but the internal LAN stays unreachable. This limits the hacker's ability to directly access internal LAN, providing further security.

Question $4$

$\_\_\_\_\_\_\_\_\_\_\_$refer$($s$)$ to the duration of time within which a business process or IT system must be recovered after a disaster.

Question $5$

$\_\_\_\_\_\_\_\_\_$ is the process of identifying, evaluating, treating, and reporting on security vulnerabilities in systems and the software that runs on them. This, implemented alongside other security tactics, is vital for organizations to prioritize possible threats and minimizing their "attack surface."

Question $6$

$\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_$allows security researchers from all of the world to attack your application.

Question $7$

In the Target case, at which stages of the attack, attackers took advantage of weak security at a Target vendor.

Question $8$

A cloud environment allows a firm to increase and decrease resources based on their need quickly. Given this, cloud computing addresses the issue of $\_\_\_\_\_$

Question $9$

$\_\_\_\_\_\_$ is the government agency that is mainly responsible for developing and establishing government standards involving cryptography for general$-$purpose government use.

Question $10$

In the $\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_,$ firm addresses how to immediately determine:

Which employees are affected?

Which business$-$critical systems are impacted?

How media inquiries are addressed $($public relations$)?$

How next steps are communicated to employees?

Question $11$

Question $12$

The vulnerability management process can be broken down into the following steps except$\_\_\_\_\_\_\_\_\_$

Question $13$

Assume you are consulting a big car manufacturer parts supplier called XYZ Parts. As it is important that XYZ Parts has the particular parts and quantities at the exact time needed by the manufacturing business, it does need to be aware of the inventory status and production schedules of the manufacturer. While it can manage this interaction manually today and often find it time$-$consuming, costly$,$ and even inaccurate. Your job is to suggest a secure technology to XYZ Parts so it can connect with its manufacturing company's private network in a secure$,$ fast, and efficient way.

Question $14$

Nmap is a tool that can be used in the $\_\_\_\_\_\_\_$ stage

Question $15$

Which cloud delivery model is implemented by a single organization, enabling it to be implemented behind a firewall?

Question $16$

In $\_\_\_\_\_\_$ clouds, customers rent access to resources on a pay$-$as$-$you$-$go basis and there is no need for capital investment in data center infrastructure.

Question $17$

In $\_\_\_\_\_\_\_\_\_\_\_\_\_$ stage, hackers begin building a payload that will allow them to exploit the vulnerability.

Question $18$

Penetration testers are required to fix the vulnerabilities they find during testing.

Question $19$

What is the last step in the incident response plan?

Question $20$

In the $\_\_\_\_\_\_\_\_\_\_\_\_\_\_,$ the firm Identifies who has ultimate authority to make decisions $($i$.$e$.,$ be an incident commander$).$