D481 ITAS 5100 Security Foundations
Objective Assessment Review
(Questions & Solutions)
2025
1. Case: A multinational enterprise is designing its security
architecture using layered defenses to protect highly sensitive
customer data.
Question: Which approach best illustrates a “defense in depth”
strategy for defending against both internal and external threats?
a) Deploying only a perimeter firewall
b) Combining network segmentation, endpoint protection, SIEM
monitoring, and strict access controls
c) Relying solely on strong encryption for data at rest
d) Implementing antivirus software on all endpoints with no
additional controls
Correct ANS: b) Combining network segmentation, endpoint
protection, SIEM monitoring, and strict access controls
Rationale: Defense in depth relies on multiple redundant layers of
security such that breaching one layer does not compromise the
entire system. Answer (b) integrates several controls, each
addressing different threat vectors, thus providing robust overall
protection.
---
2. Case: An organization is implementing a risk management
process to prioritize remedial actions against possible cybersecurity
threats.
Question: Which framework is most widely adopted for conducting
risk assessments in cybersecurity?
a) ISO 9001
b) NIST SP 800-37 Risk Management Framework
c) ITIL
d) COBIT
Correct ANS: b) NIST SP 800-37 Risk Management Framework
Rationale: NIST SP 800‑37 provides a comprehensive process for
risk management that guides organizations through risk assessment,
mitigation, and monitoring, making it a cornerstone methodology in
cybersecurity.
---
3. Case: A financial institution must secure its online banking
services. The team is examining protocols ensuring data protection
during transmission.
Question: Which protocol is currently recommended to secure
web-based transactions?
a) SSL 3.0
b) TLS 1.2 (or TLS 1.3)
c) IPSec
d) PPTP
Correct ANS: b) TLS 1.2 (or TLS 1.3)
Rationale: TLS (Transport Layer Security) protocols are designed to
provide confidentiality and integrity in network communications. TLS
1.2 and TLS 1.3 replace less secure versions (like SSL) and are the
industry standard for securing web-based communications.
---
4. Case: A cybersecurity team is evaluating a new SIEM solution to
improve event correlation across disparate network devices.
Question: What is the primary benefit of deploying a SIEM in this
context?
a) It encrypts data at rest.
b) It collects, correlates, and analyzes log data in real time for threat
detection.
c) It optimizes network throughput.
d) It replaces the need for firewalls.
Correct ANS: b) It collects, correlates, and analyzes log data in
real time for threat detection.
Rationale: SIEM systems are designed to ingest logs from multiple
sources, correlate events, and provide rapid alerts, thereby enabling
proactive threat identification and incident response.
---
5. Case: A government agency is implementing multi-factor
authentication (MFA) into its secure access systems.
Question: Which of the following best describes what MFA
requires?
a) A strong password alone
b) Two or more of the following: something you know, something you
have, and something you are
c) A hardware token only
d) Exclusive reliance on biometric data
Correct ANS: b) Two or more of the following: something you know,
something you have, and something you are
Rationale: MFA combines multiple independent credentials to
verify a user’s identity, significantly reducing the risk of unauthorized
access even if one factor becomes compromised.
---
6. Case: A cybersecurity architect is tasked with encrypting large
volumes of data stored across various databases.
Question: Which encryption method is best suited in terms of
balancing security and performance for encrypting data at rest?
a) Asymmetric encryption (e.g., RSA)
b) Symmetric encryption (e.g., AES)
c) Hashing algorithms (e.g., SHA‑256)
d) Digital signatures
Correct ANS: b) Symmetric encryption (e.g., AES)