Which of the following principles describes how a security analyst should communicate during an incident?

The Chief Executive Officer (CEO) instructed the new Chief Information Security Officer (CISO) to provide a list of enhancement to the company's cybersecurity operation. As a result, the CISO has identified the need to align security operations with industry best practices. Which of the following industry references is appropriate to accomplish this?

An organization that handles sensitive financial information wants to perform tokenization of data to enable the execution of recurring transactions. The organization is most interested m a secure, built-in device to support its solution. Which of the following would MOST likely be required to perform the desired function?

A Chief Executive Officer (CEO) wants to implement BYOD in the environment. Which of the following options should the security analyst suggest to protect corporate data on these devices?
(Choose two.)

An employee was conducting research on the Internet when a message from cyber criminals appeared on the screen, stating the hard drive was just encrypted by a ransomware variant. An analyst observes the following:
* Antivirus signatures were updated recently
* The desktop background was changed
* Web proxy logs show browsing to various information security sites and ad network traffic
* There is a high volume of hard disk activity on the file server
* SMTP server shown the employee recently received several emails from blocked senders
* The company recently switched web hosting providers
* There are several IPS alerts for external port scans
Which of the following describes how the employee got this type of ransomware?