A software company wants to adopt a security framework that ensures compliance with industry regulations and improves its overall security posture.

Which of the following frameworks should they consider?

A user reports that their files have become inaccessible and are displaying a message demanding payment for decryption.
What type of malware is involved?

A company's IT team discovers an attacker has gained unauthorized access to their internal systems through a vulnerability that had a patch released three months ago but was never applied.

What could have prevented this security breach?

An attacker bombards a company's web server with a massive amount of fake traffic, causing it to crash.

Which type of attack is taking place?

A company wants to ensure its data remains available to employees even in the event of a cyberattack.
Which security principle does this align with?

An employee working remotely logs into a company system using only a simple password. Later, unauthorized access is detected from an unknown device.
What security measure could have prevented this incident?

A company's database containing customer information was accessed by an unauthorized individual. The company discovered that a weak default password was still being used for administrative access.
Which security vulnerability contributed to this breach?