Study 1

Question 1

What is the CIA Triad?

Answer 1

Confidentiality, Integrity, Availability

Question 2

What is due care?

Answer 2

Taking reasonable actions to prevent harm

Question 3

What does ISO 27001 specify?

Answer 3

Information security management system (ISMS) requirements

Question 4

Who is responsible for data classification?

Answer 4

The data owner

Question 5

What is data remanence?

Answer 5

Residual representation of data that remains after attempts to remove or erase it

Question 6

What is defense in depth?

Answer 6

Layered security approach to protect assets

Question 7

What does a firewall do?

Answer 7

Filters network traffic based on predefined rules

Question 8

What is the purpose of IPSec?

Answer 8

Provides secure network communications using authentication and encryption

Question 9

What is multifactor authentication (MFA)?

Answer 9

Authentication using two or more factors from different categories

Question 10

What does RBAC stand for?

Answer 10

Role-Based Access Control

Question 11

What is a vulnerability assessment?

Answer 11

Identifying and quantifying vulnerabilities in a system

Question 12

What is the purpose of a security audit?

Answer 12

Evaluate compliance with security policies and standards

Question 13

What is an incident response plan?

Answer 13

A set of procedures for detecting, responding to, and recovering from incidents

Question 14

What does SIEM stand for?

Answer 14

Security Information and Event Management

Question 15

What is the main goal of secure coding practices?

Answer 15

Prevent common vulnerabilities such as buffer overflows and injection attacks

Question 16

What is the purpose of the OWASP Top 10?

Answer 16

Highlight the most critical security risks to web applications