Which of the following is the SLOWEST method of restoring data from backup media?
Correct Answer: D
The SLOWEST method of restoring data from backup media is an incremental backup. This is because an incremental backup is a type of backup that only copies the files that have been created or modified since the previous backup, whether it was a full or an incremental backup. An incremental backup makes the restoration process slower, as it requires restoring multiple backups in a specific order and sequence, starting from the last full backup and then applying each incremental backup until the desired point in time is reached. The other options are not methods of restoring data from backup media that are slower than an incremental backup, but rather different types of backup procedures that copy files based on different criteria, such as monthly backup (A), full backup (B), or differential backup C.
Question 57
in key protection/management, access should be aligned with which of the following?
Correct Answer: B
Explanation In key protection/management, access should be aligned with the principle of least privilege. This means that users should only have the minimum level of access required to perform their tasks and no more. This reduces the risk of unauthorized access, misuse, or compromise of sensitive data or systems.
Question 58
The risk of an evil twin attack on mobile devices is PRIMARILY due to:
Correct Answer: C
Explanation The risk of an evil twin attack on mobile devices is PRIMARILY due to the use of generic names that mobile devices will accept without verification. An evil twin attack is a type of wireless network attack where an attacker sets up a rogue access point that mimics a legitimate one. The attacker can then lure unsuspecting users to connect to the rogue access point and intercept their data or launch further attacks. Mobile devices are vulnerable to evil twin attacks because they often use generic names for their wireless networks, such as "Free WiFi" or "Public Hotspot". These names can be easily spoofed by an attacker and accepted by mobile devices without verifying the identity or security of the access point.
Question 59
While risk is measured by potential activity, which of the following describes the actual occurrence of a threat?
Correct Answer: A
An attack is the actual occurrence of a threat, which is a potential activity that could harm an asset. An attack is the result of a threat actor exploiting a vulnerability in a system or network to achieve a malicious objective. For example, a denial-of-service attack is the occurrence of a threat that aims to disrupt the availability of a service.
Question 60
Which of the following is MOST important to ensure the successful implementation of continuous auditing?
Correct Answer: C
The MOST important factor to ensure the successful implementation of continuous auditing is top management support. This is because top management support helps to provide the vision, direction, and resources for implementing continuous auditing within the organization. Top management support also helps to overcome any resistance or challenges that may arise from implementing continuous auditing, such as cultural change, stakeholder buy-in, process reengineering, etc. Top management support also helps to ensure that the results and findings of continuous auditing are communicated and acted upon by the relevant decision-makers and stakeholders. The other options are not factors that are more important than top management support for ensuring the successful implementation of continuous auditing, but rather different aspects or benefits of continuous auditing, such as storage hardware (A), technical resources (B), or processing capacity (D).
