Baiting is a social engineering tactic in which an attacker entices the target with the promise of something desirable, such as free software or a service, in order to lure them into taking an action that compromises their security, such as downloading malicious software or providing sensitive information.

A firewall is most likely to skew the results of a vulnerability scan when performing an assessment from outside the perimeter. Firewalls are designed to filter and block traffic based on security rules, which can prevent scanners from accurately assessing vulnerabilities in the network. Firewalls may block or alter certain types of scan traffic, leading to incomplete or misleading results.

An insufficient Service Level Agreement (SLA) is likely the cause of the organization ' s weakness in establishing key performance indicators (KPIs) for its service hosting solution. SLAs define the expected performance and service levels, and without clear SLAs, it is difficult to establish appropriate KPIs to measure and monitor the service ' s effectiveness and performance.

Isolate the services and data as much as possible: Isolation helps prevent the spread of issues across systems and makes recovery easier and more manageable.

Understand which processes are critical to the business and have to run in disaster recovery: Identifying critical processes ensures that the most essential operations are prioritized during recovery, minimizing downtime and business disruption.

Maintain integrity between primary and secondary deployments: Ensuring data integrity between primary and backup systems is essential for a successful recovery, allowing for accurate restoration of systems and data.

Static analysis involves examining the code without execution, such as looking for vulnerabilities in the code ' s structure or logic. It helps determine everything the program can potentially do, while dynamic analysis focuses on observing the program ' s actual behavior during execution with specific inputs in a given environment.

Static analysis examines the binary without executing it, often using reverse engineering techniques, while dynamic analysis requires the program to be run in order to observe its real-time behavior and interactions.

A vulnerability is a weakness or gap in a security program, system, or application that can be exploited by attackers to gain unauthorized access. Identifying and mitigating vulnerabilities is a key part of any security program.

A hot site is a fully equipped, operational backup site that allows a company to restore normal business operations in a matter of minutes or seconds. It has up-to-date copies of critical data and systems, ensuring minimal downtime in the event of a disaster.