1.2.4 Practice Questions

Question 1

Question 1.

A company finds that employees are accessing streaming websites that are not being monitored for malware or viruses.
Which type of control can the network administrator implement to protect the system and keep the employees from viewing unapproved sites?

Corrective:
Technical
Detective
Operational

Answer 1

Correct Answer:
Technical

Question 2

Question 2.

Which of the following is an example of a preventative control type?

-An advanced network appliance
-Intrusion detection systems
-Network monitoring applications
-Real-time monitoring alerts

Answer 2

Correct Answer:
An advanced network appliance
Intrusion detection systems

Question 3

Question 3.

After a recent server outage, the company discovered that an employee accidentally unplugged the power cable from the server while grabbing some office supplies from the nearby shelf.
What security control did the company lack that led to the server outage?
answer
Managerial
Technical
Physical
Operational

Answer 3

Correct Answer:
Physical

Question 4

Question 4.
An acceptable use policy requires the system to encrypt confidential information while in transit. All employees must use secure email when exchanging proprietary information with external vendors.
Which of the following describes this type of acceptable use policy?
answer
Operational
Technical
Preventive
Managerial

Answer 4

Correct Answer:
Operational

Question 5

Question 4.
An acceptable use policy requires the system to encrypt confidential information while in transit. All employees must use secure email when exchanging proprietary information with external vendors.
Which of the following describes this type of acceptable use policy?
answer:
Operational
Technical
Preventive
Managerial

Answer 5

Correct Answer:
Operational

Question 6

Question 5.
Which type of control makes use of policies, DPRs, and BCPs?
answer:
Managerial:
Technical
Operational
Preventative

Answer 6

Correct Answer:
Managerial

Question 7

Question 6.
The security operations manager of a multinational corporation focuses on enhancing directive operational controls.
Which of the following should the manager implement?
answer
Regular vulnerability assessments using automated tools.
Firewall to block unauthorized network traffic.:
User awareness and training programs.
Surveillance cameras installed around the premises.

Answer 7

Correct Answer:
User awareness and training programs.

Question 8

Question 7.
Which type of control is used to discourage malicious actors from attempting to breach a network?
answer
Detective
Preventative:
Deterrent
Physical

Answer 8

Correct Answer:
Deterrent

Question 9

Question 8.
The chief security officer (CSO) at a financial organization wants to implement additional detective security controls.
Which of the following would BEST represent this type of control?

-Performing regular system backups.
-Implementation of biometric authentication systems.
-Enforcement of access control mechanisms.:
-Installation of surveillance camera.

Answer 9

Correct Answer:
-Installation of surveillance camera.

Question 10

Question 9.
A company moved its office supplies to another room and instituted a new security system for entry. The company implemented this after a recent server outage.
What category of security control BEST describes the function of this recent implementation?
answer
Operational
Preventive
Correct Answer:
Corrective
Detective

Answer 10

Correct Answer:
Corrective

Question 11

Question 10.
Which of the following BEST describes compensating controls?
answer
-Discourages malicious actors from attempting to breach a network.
-Monitors network activity and informs the security team of a potential security event.
-Attempts to fix any controls that aren’t working properly.:
-Partial control solution that is implemented when a control cannot fully meet a requirement.

Answer 11

Correct Answer:
Partial control solution that is implemented when a control cannot fully meet a requirement.