MIST 356 ACTUAL 2026 STUDY GUIDE QUESTIONS AND
ANSWERS GRADED A+
✔✔ls -l in Linux - ✔✔Shows file permissions, ownership, and modification times.
✔✔mysqldump purpose - ✔✔Creates logical backups of MariaDB databases.
✔✔mysql_secure_installation configuration - ✔✔Removes insecure defaults and
enforces stronger settings.
✔✔NIST SP 800-53 - ✔✔Provides security control guidelines for federal systems.
✔✔COBIT 5 - ✔✔A governance framework aligning IT with business goals.
✔✔PCI DSS - ✔✔Secures credit card data and transactions.
✔✔ISO/IEC 27001 - ✔✔Defines requirements for an information security management
system (ISMS).
✔✔NIST Cybersecurity Framework - ✔✔Outlines five functions: Identify, Protect,
Detect, Respond, Recover.
✔✔Security awareness training - ✔✔All employees and contractors.
✔✔IT role in enforcing security policies - ✔✔IT enforces policies through system
configuration, access control, and monitoring.
✔✔Vendors' responsibility in third-party security - ✔✔Vendors must comply with
contractual security standards and report incidents promptly.
✔✔Administrators' role in incident response - ✔✔Execute response actions,
containment, recovery, and reporting.
✔✔Executives' role in security governance - ✔✔Set policy direction and allocate
resources for governance.
✔✔Vulnerability - ✔✔A weakness that can be exploited.
✔✔Threat - ✔✔Any potential cause of an unwanted incident.
✔✔Risk - ✔✔Threat, vulnerability, and impact.
✔✔Mitigation strategy - ✔✔Reduces likelihood or impact of risks.
, ✔✔Security incident - ✔✔An event that compromises confidentiality, integrity, or
availability.
✔✔File integrity monitoring - ✔✔Tracks unauthorized file changes.
✔✔Intrusion detection - ✔✔Identifies unauthorized activity or breaches.
✔✔Log analysis - ✔✔Reviews system logs for suspicious events.
✔✔Anomaly detection - ✔✔Spots deviations from normal patterns.
✔✔Endpoint monitoring - ✔✔Tracks activity on devices for threats or compliance
issues.
✔✔Importance of security compliance - ✔✔Protects organizations from legal penalties
and builds customer trust.
✔✔Identity management improvement - ✔✔Ensures only authorized users access
specific resources, reducing breaches.
✔✔Importance of regular backups - ✔✔To protect data against loss from attacks or
failures.
✔✔Access control in Linux - ✔✔Limits who can access files and processes.
✔✔Security audits' impact on resilience - ✔✔Identify weaknesses, verify compliance,
and improve organizational resilience.
✔✔ Primary goal of security compliance - ✔✔Ensure an organization meets legal,
regulatory, and internal standards to protect data.
✔✔Importance of regular security audits - ✔✔Verify that controls are working, identify
vulnerabilities and ensure regulatory alignment.
✔✔Consequences of non-compliance with security regulations - ✔✔It can result in
fines, legal action, and loss of trust.
✔✔Audit trail - ✔✔Record of system activities used to trace security events or
transactions.
✔✔GDPR - ✔✔General Data Protection Regulation it is an EU law protecting personal
data and privacy.
ANSWERS GRADED A+
✔✔ls -l in Linux - ✔✔Shows file permissions, ownership, and modification times.
✔✔mysqldump purpose - ✔✔Creates logical backups of MariaDB databases.
✔✔mysql_secure_installation configuration - ✔✔Removes insecure defaults and
enforces stronger settings.
✔✔NIST SP 800-53 - ✔✔Provides security control guidelines for federal systems.
✔✔COBIT 5 - ✔✔A governance framework aligning IT with business goals.
✔✔PCI DSS - ✔✔Secures credit card data and transactions.
✔✔ISO/IEC 27001 - ✔✔Defines requirements for an information security management
system (ISMS).
✔✔NIST Cybersecurity Framework - ✔✔Outlines five functions: Identify, Protect,
Detect, Respond, Recover.
✔✔Security awareness training - ✔✔All employees and contractors.
✔✔IT role in enforcing security policies - ✔✔IT enforces policies through system
configuration, access control, and monitoring.
✔✔Vendors' responsibility in third-party security - ✔✔Vendors must comply with
contractual security standards and report incidents promptly.
✔✔Administrators' role in incident response - ✔✔Execute response actions,
containment, recovery, and reporting.
✔✔Executives' role in security governance - ✔✔Set policy direction and allocate
resources for governance.
✔✔Vulnerability - ✔✔A weakness that can be exploited.
✔✔Threat - ✔✔Any potential cause of an unwanted incident.
✔✔Risk - ✔✔Threat, vulnerability, and impact.
✔✔Mitigation strategy - ✔✔Reduces likelihood or impact of risks.
, ✔✔Security incident - ✔✔An event that compromises confidentiality, integrity, or
availability.
✔✔File integrity monitoring - ✔✔Tracks unauthorized file changes.
✔✔Intrusion detection - ✔✔Identifies unauthorized activity or breaches.
✔✔Log analysis - ✔✔Reviews system logs for suspicious events.
✔✔Anomaly detection - ✔✔Spots deviations from normal patterns.
✔✔Endpoint monitoring - ✔✔Tracks activity on devices for threats or compliance
issues.
✔✔Importance of security compliance - ✔✔Protects organizations from legal penalties
and builds customer trust.
✔✔Identity management improvement - ✔✔Ensures only authorized users access
specific resources, reducing breaches.
✔✔Importance of regular backups - ✔✔To protect data against loss from attacks or
failures.
✔✔Access control in Linux - ✔✔Limits who can access files and processes.
✔✔Security audits' impact on resilience - ✔✔Identify weaknesses, verify compliance,
and improve organizational resilience.
✔✔ Primary goal of security compliance - ✔✔Ensure an organization meets legal,
regulatory, and internal standards to protect data.
✔✔Importance of regular security audits - ✔✔Verify that controls are working, identify
vulnerabilities and ensure regulatory alignment.
✔✔Consequences of non-compliance with security regulations - ✔✔It can result in
fines, legal action, and loss of trust.
✔✔Audit trail - ✔✔Record of system activities used to trace security events or
transactions.
✔✔GDPR - ✔✔General Data Protection Regulation it is an EU law protecting personal
data and privacy.
