After a suspected insider incident, system logs from multiple servers show inconsistent timestamps and missing entries. Legal counsel advises that the organization may face litigation. Operations wants logs centralized immediately to restore visibility. What should the security manager do FIRST? A. Centralize all logs immediately to improve operational monitoring B. Preserve existing logs and establish forensic chain of custody C. Reconfigure time synchronization across all affected systems D. Notify law enforcement and external counsel of potential evidence gaps

A penetration test identifies a critical vulnerability in a customer-facing application, but exploitation would require downtime during peak business hours. The business requests delaying remediation until the next quarterly release. What should the security manager do FIRST? A. Accept the risk and document the delay as requested B. Perform a risk assessment and present impact analysis to business leadership C. Immediately remediate the vulnerability despite business objections D. Disable the affected application until remediation is complete

A massive botnet targeting Android devices has emerged as one of the most significant threats in the cybersecurity landscape today. Named Kimwolf, this sophisticated malware has compromised approximately 1.8 million Android devices worldwide, including smart TVs, set-top boxes, tablets, and other Android-based systems. Security researchers discovered the botnet when a trusted community partner provided the initial sample in October 2025, which used a command-and-control domain ranked second in Cloudflare’s global domain popularity rankings. The botnet’s reach spans across 222 countries and regions, with the highest concentration of infected devices in Brazil (14.63%), India (12.71%), and the United States (9.58%). https://cybersecuritynews.com/kimwolf-android-botnet-hijacked/

“I lost everything. I lost my kids’ future. I lost my future, ” the father told CNN. “I cried every day. How do you tell your 78-year-old mom who has medical problems that everything’s gone?” Pig butchering is a long-con scam that blends romance, confidence tricks and fake investment opportunities, often involving cryptocurrency. The scam gets its name from the farming practice of fattening up pigs before they’re slaughtered. Scammers build trust over weeks or months, “fattening” up their targets with affection and romance before slowly introducing a “can’t-miss” investment that shows impressive, but fake, returns. https://finance.yahoo.com/news/father-loses-280k-falling-pig-120000419.html

A business unit requests an exception to bypass multifactor authentication for a legacy system that cannot support it without a costly upgrade. The system processes sensitive but non-regulated data, and no active exploits are known. What should the security manager do FIRST? A. Deny the request and mandate immediate MFA implementation B. Perform a risk assessment and formally document risk acceptance C. Approve the exception indefinitely due to technical limitations D. Compensate by increasing network monitoring without documentation