Domain 1 Easy
Question 1 points
An exposure occurs when a vulnerability _____________.
creates the possibility of incurring a loss or experiencing harm.
is reported to authorities as a source of risk.
is discovered by a penetration testing team.
is published in the Common Vulnerabilities and Exposures (CVE) database.
Question 2 points
Confidentiality is the principle that _____________.
is lost when hackers break into a database.
ensures data security.
ensures required levels of secrecy during processing, transmission, storage, and use of information.
ensures privacy of information.
Question 3 points
Risk can be reduced by _____________.
applying countermeasures to eliminate threats and threat agents.
moving data from cloud servers to physical servers owned and operated by the company.
moving data from physical servers to cloud-based servers.
applying countermeasures to eliminate vulnerabilities.
Question 4 points
A control is _____________
used to impose penalties for misuse of confidential information.
used to eradicate the impact of an attack.
used to reduce or mitigate risks.
a mechanism for locking down configurations to prevent patching.
Question 5 points
Hashing is a control that _______
maps to the Integrity component of the AIC triad.
maps to the Availability and Confidentiality component of the AIC triad.
maps to the Confidentiality component of the AIC triad.
maps to the Integrity and Confidentiality components of the AIC triad.
Question 6 points
________ is a legal principle that requires that individuals perform necessary actions to prevent negligence from occurring. It is judged using the reasonable person standard.
Due care
Separation of duties
Due diligence
Customary law
Question 7 points
Which of the following statements is true?
PCI-DSS is a federal law that protects the privacy of credit card transactions.
USA Patriot Act broadens privacy protections for federal law enforcement agents and immigration authorities.
HIPAA applies to all medical information held and used by hospitals and doctors' offices.
FISMA applies to federal agencies and their contractors.
Question 8 points
Clustering and load balancing are controls that ________
map to the Availability and Integrity components of the AIC triad.
map to the Network Infrastructure component of the AIC triad.
map to the Availability component of the AIC triad.
map to the Network Integrity component of the AIC triad.
Question 9 points
Balanced security refers to _____________
addressing threats and implementing controls for availability, integrity, and confidentiality.
understanding the concepts of the AIC triad.
weighing choices in controls against the magnitude of risk presented by a variety of threats.
mapping controls to the AIC triad.
Question 10 points
Confidentiality can be protected by implementing which of the following controls?
Data hiding and data obscuring techniques.
Access controls and auditing controls.
Encrypting data at rest and in transit.
Software digital signing to verify recipients.
Question 11 points
Availability is the principle which ensures ____________.
access to data and networks
the right information is sent to the right people at the right time.
reliability and timely access to data and other resources by authorized individuals.
required business systems have better than 99.999% uptime.
Question 12 points
Which of the following guidance documents specifically addresses security controls required for information systems owned by or operated for the U.S. Federal Government?
COBIT 5
NIST SP-800-53
DoDAF
NIST SP-800-37
Question 13 points
What is "security through obscurity"?