Module 2 - 02-2

Question 1

Define Security Posture

Answer 1

An organization’s ability to manage its defense of critical assets and data and react to change

Question 2

What is a core security model?

Answer 2

CIA Triad

Question 3

What does CIA stand for?

Answer 3

i. Confidentiality
ii. Integrity
iii. Availability

Question 4

Define CIA Triad

Answer 4

A model that helps inform how organizations consider risk when setting up systems and security policies

Question 5

Define Confidentiality

Answer 5

Only authorized users can access specific assets or data

Question 6

What design principle can be implemented in an organization to enhance Confidentiality?

Answer 6

Principle of Least Privilege

Question 7

Define the Principle of Least Privilege

Answer 7

Limits users’ access to only the information they need to complete work-related tasks

Question 8

Define Integrity

Answer 8

The data is correct, authentic, and reliable

Question 9

What is an example to verify data Integrity?

Answer 9

Cryptography

Question 10

Define Cryptography

Answer 10

To transform data so unauthorized parties cannot read or tamper with it (NIST, 2022)

Question 11

What is an example of how an organization might implement Integrity?

Answer 11

By enabling Encryption

Question 12

Define Encryption

Answer 12

The process of converting data from a readable format to an encoded format

Question 13

Define Availability

Answer 13

The data is accessible to those who are authorized to access it

Question 14

The CIA triad is a model that helps inform how organizations consider _____ when setting up systems and security policies.

access
assets
data
risk

Answer 14

risk

Question 15

Match each CIA triad component to the correct scenario: You must use two-factor authentication before signing into an employee portal.
CIA triad component

Confidentiality
Integrity
Availability

Answer 15

Confidentiality

Question 16

Match each CIA triad component to the correct scenario:
You recently shopped at Store Y and verify you were charged correctly.
CIA triad component

Confidentiality
Integrity
Availability

Answer 16

Integrity

Question 17

Match each CIA triad component to the correct scenario:
You frequently sign into your bank account to check your balances.
CIA triad component

Confidentiality
Integrity
Availability

Answer 17

Availability

Question 18

What is the CIA triad?

A set of security controls used to update systems and networks
A foundational security model used to set up security policies and systems
Ongoing validation processes involving all employees in an organization
A mandatory security framework involving the selection of appropriate controls

Answer 18

The CIA triad is a foundational security model used to set up security policies and systems. The core principles of the model are confidentiality, integrity, and availability.

Question 19

Which element of the CIA triad specifies that only authorized users can access specific information?

Confidentiality
Confirmation
Integrity
Access

Answer 19

Confidentiality specifies that only authorized users can access specific information.

Question 20

A security analyst discovers that certain data is inaccessible to authorized users, which is preventing these employees from doing their jobs efficiently. The analyst works to fix the application involved in order to allow for timely and reliable access. Which element of the CIA triad does this scenario describe?

Applicability
Integrity
Capacity
Availability

Answer 20

Availability

This scenario describes availability. Availability specifies that data is accessible to authorized users.

Question 21

According to the CIA triad, _____ refers to ensuring that an organization’s data is verifiably correct, authentic, and reliable.

Availability
Accuracy
Credibility
Integrity

Answer 21

Integrity