Which function of user behavior analytics (UBA) would identify account misuse from a valid user?

What is a limitation of signature-based detection in IPS systems?

Why is using HTTPS preferred over HTTP in a secure protocol stack?

What best describes the role of port selection in protocol security?

A web filter denies access to websites not on an allow list. What is this approach called?

Which system enforces access decisions based on device health, compliance, and identity?

Which method is best for detecting insiders exfiltrating sensitive data via email?

An endpoint solution identifies lateral movement across subnets. Which feature provides this insight?

What does DKIM use to verify email authenticity?

What distinguishes group policies from local security policies in Windows environments?

How does file integrity monitoring enhance endpoint protection?

Which feature of XDR enhances threat response compared to EDR alone?

Which secure protocol should replace FTP in a hardened environment?

What transport method is most secure when implementing a remote syslog server?

What is the purpose of a Sender Policy Framework (SPF) record?

Why is DMARC important in enterprise email systems?

What ensures only digitally signed software can run on SELinux-protected systems?

A content filter blocks pages by evaluating website reputation. What technique is this?

What DNS feature helps reduce phishing attacks by preventing resolution of known malicious domains?

Why might a centralized proxy be preferred over agent-based web filtering?

Which tool prevents users from accessing malicious or inappropriate websites based on URL categorization?

What firewall configuration allows limited access to public-facing servers without exposing internal assets?

Which type of IDS detection method is most likely to identify unknown threats?

A firewall rule denying all traffic except for port 443 is an example of which principle?

What is the main security benefit of implementing a screened subnet?