MANAGEMENT | EXAM QUESTIONS AND CORRECT ANSWERS WITH RATIONALES GRADED A+ LATEST
1.
A company is implementing a new security policy that requires multi-factor
authentication (MFA) for all remote access. Which of the following best describes the
primary benefit of MFA?
A. It eliminates the need for passwords.
B. It reduces the risk of credential theft and unauthorized access.
C. It simplifies user access management.
D. It removes the need for logging and auditing.
Answer: B
Rationale: MFA requires multiple authentication factors, making it much harder for
attackers to compromise accounts even if passwords are stolen.
2.
A security manager is reviewing access control policies and wants to ensure that users
only have access to what they need to perform their jobs. Which principle is being
applied?
A. Least Privilege
B. Separation of Duties
C. Need to Know
D. Role-Based Access Control
Answer: A
Rationale: Least privilege limits user access to only what is necessary for their role,
reducing risk.
3.
A company’s SOC has detected unusual outbound traffic from a workstation to an
unknown IP address. The security analyst suspects malware. What should be the FIRST
action?
A. Notify the CEO.
B. Disconnect the workstation from the network.
C. Reboot the workstation.
D. Update antivirus definitions.
Answer: B
Rationale: Disconnecting the system prevents further data exfiltration and limits spread
while preserving evidence.
4.
During a risk assessment, an analyst identifies that the company has a single point of
failure in its data center power supply. This is an example of what type of risk?
A. Strategic Risk
B. Operational Risk
C. Compliance Risk
D. Financial Risk
Answer: B
Rationale: Operational risk includes disruptions in systems or processes that affect
business continuity.
5.
A company is developing its incident response plan. Which of the following is the most
important reason for including a communication plan?
A. To ensure the IT team can work without interruptions.
B. To ensure stakeholders are informed and legal requirements are met.
C. To reduce the cost of incident response.
D. To eliminate the need for documentation.
Answer: B
Rationale: Communication plans ensure proper notification of stakeholders, regulatory
compliance, and coordinated response.
6.
Which of the following BEST defines “risk appetite”?
A. The amount of risk a company is willing to accept to achieve objectives
B. The total number of risks identified in an assessment
C. The cost of mitigating all identified risks
D. The probability of a threat occurring
Answer: A
Rationale: Risk appetite is the level of risk an organization is willing to accept.
7.
A company wants to protect sensitive data at rest. Which of the following controls is
MOST appropriate?
A. Data encryption
B. Intrusion detection system
C. Network segmentation
D. Vulnerability scanning
Answer: A
Rationale: Encryption protects data at rest by making it unreadable without the correct
keys.
8.
A security team uses a vulnerability scanner to identify weaknesses in their web
applications. The scanner finds a SQL injection vulnerability. Which phase of the SDLC is
MOST important to address this vulnerability?
A. Requirements
B. Design
C. Development
D. Maintenance
Answer: C
Rationale: SQL injection vulnerabilities are typically introduced during development
and should be addressed through secure coding practices.
9.
A healthcare organization must comply with HIPAA. What is the primary focus of HIPAA?
A. Protecting financial transactions
B. Protecting patient health information
C. Protecting government data
D. Protecting intellectual property
Answer: B
Rationale: HIPAA protects the confidentiality, integrity, and availability of protected
health information (PHI).