Notes 20231130190813

The document contains multiple-choice questions (MCQs) related to information assurance fundamentals, covering key concepts such as CIA (Confidentiality, Integrity, Availability), preventive controls like firewalls, and the purpose of risk management. It also addresses topics like phishing, biometric authentication, DMZ, zero-day exploits, security policies, incident response plans, and VPNs. Each question is followed by the correct answer, providing a concise overview of essential information assurance principles.

Uploaded by nisha18112021
Information assurance fundamentals MCQs
**1. What does CIA stand for in the context of information assurance?**
- a) Central Intelligence Agency
- b) Confidentiality, Integrity, Availability
- c) Cybersecurity and Information Assurance
- d) Computer Incident Assessment

**Answer: b) Confidentiality, Integrity, Availability**

**2. Which of the following is an example of a preventive control in information assurance?**
- a) Intrusion Detection System (IDS)
- b) Encryption
- c) Firewalls
- d) Security Patching

**Answer: c) Firewalls**

**3. What is the primary goal of risk management in information assurance?**
- a) Eliminate all risks
- b) Minimize the impact of potential threats
- c) Maximize system complexity
- d) Ignore potential risks

**Answer: b) Minimize the impact of potential threats**

**4. What does the term "Phishing" refer to in the context of information security?**
- a) Fishing for data in a database
- b) A fraudulent attempt to obtain sensitive information
- c) A method of securing emails
- d) Programming language for secure coding

**Answer: b) A fraudulent attempt to obtain sensitive information**

**5. What is the purpose of biometric authentication in information assurance?**
- a) Protecting data through encryption
- b) Verifying identity based on unique physical or behavioral traits
- c) Securing network communication
- d) Creating strong passwords

**Answer: b) Verifying identity based on unique physical or behavioral traits**

**6. In the context of information assurance, what is a "DMZ" (Demilitarized Zone)?**
- a) A secure military network
- b) A zone free of information security policies
- c) An isolated network segment between internal and external networks
- d) A database management zone

**Answer: c) An isolated network segment between internal and external networks**

**7. What does the term "Zero-Day Exploit" refer to in information security?**
- a) An attack that occurs on the zeroth day of the month
- b) An exploit that takes advantage of software vulnerabilities unknown to the vendor
- c) A type of encryption algorithm
- d) A strategy for risk acceptance

**Answer: b) An exploit that takes advantage of software vulnerabilities unknown to the vendor**

**8. What is the role of a Security Policy in information assurance?**
- a) Implementing software updates
- b) Defining the rules and guidelines for protecting information assets
- c) Conducting vulnerability assessments
- d) Managing network infrastructure

**Answer: b) Defining the rules and guidelines for protecting information assets**

**9. What is the purpose of an Incident Response Plan in information assurance?**
- a) Preventing all incidents from occurring
- b) Responding to and managing security incidents in a systematic way
- c) Encrypting sensitive data
- d) Performing regular security audits

**Answer: b) Responding to and managing security incidents in a systematic way**

**10. What does the acronym VPN stand for in the context of information assurance?**
- a) Virtual Private Network
- b) Very Powerful Network
- c) Virus Protection Network
- d) Virtual Protocol Nexus

**Answer: a) Virtual Private Network**
