#1
What does PII stand for in the context of sensitive information?
Personal Identification Information
ExplanationIdentification data that can be used to distinguish or trace an individual's identity.
#2
Which of the following is NOT an example of sensitive information?
Publicly Available Company Information
ExplanationInformation that is accessible to the public and does not require special protection.
#3
What does PHI stand for in the context of sensitive healthcare information?
Protected Health Information
ExplanationHealthcare information subject to protection under laws and regulations.
#4
Which of the following is NOT considered a best practice for handling sensitive information?
Sharing passwords with trusted colleagues
ExplanationSecurity risk involving the sharing of sensitive authentication credentials.
#5
Which of the following is NOT a common type of sensitive information?
Publicly available information
ExplanationInformation that lacks sensitivity and does not require special protection.
#6
What is the primary objective of information sensitivity analysis?
To determine the potential impact of information disclosure
ExplanationAssessment of the consequences of unauthorized access or exposure of sensitive data.
#7
What does GDPR stand for?
General Data Protection Regulation
ExplanationEuropean Union regulation concerning data protection and privacy for all individuals within the EU and the European Economic Area.
#8
What is the process of removing sensitive information from a document or dataset called?
Anonymization
ExplanationTechnique to protect privacy by removing or altering personally identifiable information.
#9
What is the principle of least privilege in information security?
Granting users only the access they need to perform their duties
ExplanationSecurity concept restricting user permissions to the minimum levels required to perform tasks.
#10
What is the purpose of a data classification policy?
To define how data should be classified and protected
ExplanationPolicy that categorizes data based on sensitivity and defines appropriate security controls.
#11
Which of the following is an example of a technical safeguard for sensitive information?
Access controls
ExplanationTechnology-based measures limiting user access to sensitive data.
#12
What is the primary goal of information classification?
To define how information should be protected
ExplanationCategorizing data to determine appropriate levels of security measures.
#13
Which of the following is an example of a physical safeguard for sensitive information?
Locked Filing Cabinet
ExplanationPhysical barrier to prevent unauthorized access to sensitive documents.
#14
Which of the following is NOT a common method of securely disposing of sensitive information?
Posting on social media
ExplanationUnsecure method of data disposal, exposing sensitive information to public view.
#15
What is the main purpose of data masking?
To obfuscate sensitive data
ExplanationTechnique to conceal original data with modified content while preserving usability.
#16
What is the purpose of a clean desk policy in handling sensitive information?
To prevent unauthorized access to sensitive information
ExplanationGuideline requiring employees to secure and organize sensitive documents when not in use.
#17
Which of the following is NOT a potential consequence of mishandling sensitive information?
Increased efficiency
ExplanationPositive outcome unrelated to the mishandling of sensitive data.
#18
What is the primary goal of a data retention policy?
To determine how long data should be kept
ExplanationGuideline specifying the duration for which data should be retained and when it should be securely disposed.