40. When handling credit card payments, the organization needs to adhere to the _____.
- ISO
- HIPAA
- PCI DSS
- IEEE
41. What characteristics are used to assess the severity of found vulnerabilities? Select all that apply.
- Remotely exploitable or not
- Type of access gained
- Chance of exploitation
- Use of encryption or not
42. Which of the following are bad security habits commonly seen amongst employees in the workplace? Select all that apply.
- Password on a post-it note
- Log out of website session
- Leave laptop logged in and unattended
- Lock desktop screen
43. Which of the following are examples of security tools that can scan computer systems and networks for vulnerabilities? Select all that apply.
- Wireshark
- Nessus
- OpenVAS
- Qualys
44. Consider the following scenario:
Your company wants to establish good privacy practices in the workplace so that employee and customer data is properly protected. Well-established and defined privacy policies are in place, but they also need to be enforced. What are some ways to enforce these privacy policies? Select all that apply.
- Print customer information
- Audit access logs
- Apply the principle of least privilege
- VPN connection
45. Third-party services that require equipment on-site may require a company to do which of the following? Select all that apply.
- Unrestricted access to the network
- Provide additional monitoring via a firewall or agentless solution
- Provide remote access to third-party service provider
- Evaluate hardware in the lab first
46. What are some behaviors to be encouraged in order to build a security-conscious culture? Select all that apply.
- Locking your screen
- Shaming people who haven’t done a good job of ensuring their company’s security
- Checking website URLs when authenticating
- Asking security-related questions
