Question 1

The following are non -Adversarial Threat Sources except

Options :

A : Structural events

B : Accidental events

C : Environmental events

D : Intentional events

Answer: D

Question 2

___________ type of control that specify acceptable rules of behavior within an organization.

Options :

A : Directive Controls

B : Deterrent Controls

C : Corrective Controls

D : Detective Controls

Answer: A

Question 3

__________ is a company’s statement disclosing to its customers how their information is gathered, managed, used and disclosed to others.

Options :

A : Privacy policy

B : Data minimization.

C : Consent

D : Notice

Answer: A

Question 4

At which stage of an adversarial threat attack does the attacker craft phishing and other attacks and counterfeit entities, create and operate false-fronts to inject malicious components?

Options :

A : Perform Reconnaissance

B : Exploit and Compromise

C : Craft or Create Attack Tools

D : Deliver/Insert/Install Malicious Capabilities

Answer: C

Question 5

Which of the following encapsulates people, processes and products to identify and manage the data used in an organisation system to authenticate users and manage access rights to data and system resources?

Options :

A : Information access management

B : Identify and access management

C : Intrusion access management

D : Identify and application management

Answer: B