Buffer overflow attacks target applications, exploiting improper memory handling. Applications operate atLayer 7 (Application Layer), making it the primary target.

The Data Link layer (Layer 2) handles MAC addressing and frame delivery within local networks.

The Disaster Recovery Plan (DRP) contains step-by-step technical procedures to restore IT systems, data, and infrastructure after a disruptive event. While the BCP focuses on maintaining operations, the DRP focuses onrestoration.

Human life and safety always take precedence over systems, data, and business operations. Security awareness ensures employees know how to act safely during incidents such as fires, active threats, or infrastructure failures.

Well-known ports (0–1023) are reserved for core services such as HTTP (80), HTTPS (443), FTP (21), and SSH (22).

A VPC endpoint is the best solution for enabling secure, private connectivity between systems in different virtual private clouds (VPCs) without traversing the public internet. VPC endpoints allow private communication using the cloud provider’s internal network.

VPNs introduce additional overhead and complexity, while internet gateways and public IP addresses expose systems to the public internet, increasing attack surface.

VPC endpoints provide strong security, reduced latency, and simplified architecture. They are recommended by cloud providers and security frameworks for private, internal cloud communication.

A Security Operations Center (SOC) continuously monitors security events, analyzes threats, and coordinates incident response. SOCs integrate people, processes, and technology such as SIEM, SOAR, and threat intelligence platforms.

Attribute-Based Access Control (ABAC) grants access based on complex logical rules that evaluate attributes of the user, resource, action, and environment. Examples include user role, department, time of day, device type, and data sensitivity. These attributes are evaluated dynamically, allowing fine-grained and context-aware access decisions.

DAC allows owners to grant permissions, MAC uses labels and classifications, and RBAC assigns permissions based on roles. None of these provide the same level of flexibility as ABAC. Because ABAC supports complex, rule-based decisions, it is widely used in modern cloud environments and zero trust architectures.

Cloud computing is defined by five essential characteristics per NIST: on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. Therefore, all listed options are valid characteristics.

In Software as a Service (SaaS), the provider manages nearly all infrastructure, platforms, and applications, leaving customers responsible mainly for data and access.