#1
What is the primary goal of Security Awareness?
To create a culture of security within an organization
Explanation: Promotes a security-conscious mindset among employees.
#2
What is the purpose of a Security Risk Assessment?
To identify and evaluate potential security risks
Explanation: Critical for designing effective security measures.
#3
What is the concept of 'Security Awareness Training' in organizations?
Training to increase employee awareness of security risks and best practices
Explanation: Educates employees to recognize and mitigate risks.
#4
What is the concept of 'Least Privilege' in the context of security?
Granting users the least amount of privileges necessary for their job functions
Explanation: Minimizes potential damage by limiting user access.
#5
What is a common method of Social Engineering?
Manipulating individuals to disclose confidential information
Explanation: Exploits human psychology to gain unauthorized access.
#6
What is the difference between a vulnerability and a threat in the context of information security?
A vulnerability is a weakness, while a threat is a potential danger
Explanation: Vulnerabilities can be exploited by threats.
#7
What does the term 'Risk Assessment' refer to in the context of security?
Identifying and evaluating potential security risks
Explanation: Identifies vulnerabilities and threats for mitigation.
#8
Which of the following is an example of a technical control in risk management?
Firewalls
Explanation: Manages network traffic to prevent unauthorized access.
#9
What is the purpose of a Security Incident Response Plan (SIRP)?
To minimize the impact of security incidents and ensure a quick recovery
Explanation: Ensures swift and effective responses to breaches.