Question 1Fill in the blank: A security _____ is a set of guidelines used for building plans to help mitigate risk and threats to data and privacy.1 pointlifecycleregulationframeworkcontrol2.Question 2An organization requires its employees to complete a new data privacy training program each year to reduce the risk of a data breach. What is this training requirement an example of?1 pointPersonally identifiable information (PII)Security controlData confidentialityCybersecurity Framework (CSF)3.Question 3What is a foundational model that informs how organizations consider risk when setting up systems and security policies?1 pointCybersecurity Framework (CSF)General Data Protection Regulation law (GDPR)Sensitive personally identifiable information (SPII)Confidentiality, integrity, and availability (CIA) triad4.Question 4Security teams use the NIST Cybersecurity Framework (CSF) as a baseline to manage short and long-term risk.1 pointTrueFalse

Question 2An organization requires its employees to complete a new data privacy training program each year to reduce the risk of a data breach. What is this training requirement an example of?1 pointCybersecurity Framework (CSF)Security controlData confidentialityPersonally identifiable information (PII)

3.Question 3What is a foundational model that informs how organizations consider risk when setting up systems and security policies?1 pointSensitive personally identifiable information (SPII)Cybersecurity Framework (CSF)Confidentiality, integrity, and availability (CIA) triadGeneral Data Protection Regulation law (GDPR)

Question 1Fill in the blank: A security _____ is a set of guidelines used for building plans to help mitigate risk and threats to data and privacy.1 pointregulationframeworkcontrollifecycle

1.Question 1What are some of the primary purposes of security frameworks? Select three answers.1 pointSafeguarding specific individualsAligning security with business goalsManaging organizational risks Protecting PII data2.Question 2Which of the following are core components of security frameworks? Select two answers.1 pointEstablishing regulatory compliance measuresImplementing security processesMonitoring and communicating results Managing data requests3.Question 3Fill in the blank: A security professional has been tasked with implementing strict password policies on workstations to reduce the risk of password theft. This is an example of _____.1 pointsecurity teams hardware changesnetworking regulationssecurity controls4.Question 4You are helping your security team consider risk when setting up a new software system. Using  the CIA triad, you focus on integrity, availability, and what else?1 pointConfidentialityConformityCommunicationConsent5.Question 5Fill in the blank: A key aspect of the CIA triad is ensuring that data is correct, _____, and reliable.1 pointcentralizedupdatedpublicauthentic6.Question 6Which of the following statements accurately describe the NIST CSF? Select all that apply.1 pointSecurity teams use it as a baseline to manage risk.Its purpose is to help manage cybersecurity risk. It consists of standards, guidelines, and best practices.It is only effective at managing long-term risk.7.Question 7Fill in the blank: Some of the most dangerous threat actors are _____ because they often know where to find sensitive information, can access it, and may have malicious intent. 1 point past vendorsdissatisfied customersdisgruntled employeessenior partners8.Question 8A security professional overhears two employees discussing an exciting new product that has not been announced to the public. The security professional chooses to follow company guidelines with regards to confidentiality and does not share the information about the new product with friends. Which concept does this scenario describe?1 pointPreserving evidenceData encryptionSecurity ethicsSecurity controls9.Question 9Fill in the blank: The ethical principle of _____ involves safeguarding a company database that contains sensitive information about employees.1 pointnon-bias privacy protectionhonestyunrestricted access10.Question 10Which ethical principle describes the rules that are recognized by a community and enforced by a governing entity?1 pointGuidelinesRestrictionsProtectionsLaws

Question 1What does a security professional use to create guidelines and plans that educate employees about how they can help protect the organization? 1 pointSecurity postureSecurity auditSecurity frameworkSecurity hardening