And Correct Answer with Rationale (100%
verified answer) Q & A 2026
1. What is the primary goal of security governance?
A. Install antivirus software
B. Ensure alignment of security with business objectives
C. Increase network speed
D. Replace IT staff
Correct Answer: B
Security governance ensures that security strategies support and align with
organizational goals and risk management.
2. Which document defines overall security direction in an organization?
A. Incident report
B. Security policy
C. Network diagram
D. Audit log
Correct Answer: B
Security policy sets the high-level rules and direction for protecting organizational
assets.
3. Who is ultimately responsible for security governance?
A. Junior analyst
B. End user
C. Executive management
D. Help desk
Correct Answer: C
Executive management is responsible for ensuring governance and accountability.
4. What is risk management primarily concerned with?
A. Eliminating all risks
B. Ignoring threats
C. Identifying and reducing risks
D. Increasing hardware capacity
Correct Answer: C
Risk management identifies, assesses, and reduces risks to acceptable levels.
5. Which framework helps align IT security with business goals?
A. COBIT
B. HTTP
C. FTP
D. SMTP
Correct Answer: A
COBIT provides governance and management of enterprise IT.
6. What is a security control?
A. A firewall rule only
B. A safeguard to reduce risk
C. A hacker tool
D. A database
Correct Answer: B
Security controls reduce vulnerabilities and mitigate risks.
7. What type of control is encryption?
A. Physical
B. Preventive
C. Detective
D. Corrective
Correct Answer: B
Encryption prevents unauthorized access to data.
8. What is a policy exception?
A. A permanent rule
B. A deviation from standard policy
C. A firewall setting
D. A malware type
Correct Answer: B
Policy exceptions allow temporary deviations from established rules.
9. What is the CIA triad?
A. Cost, Internet, Access
B. Confidentiality, Integrity, Availability
C. Control, Inspection, Audit
D. Cyber, Identity, Access
Correct Answer: B
The CIA triad defines the core security principles.
10. Which ensures users only access necessary resources?
A. Least privilege
B. Open access
C. Admin rights
D. Guest login