Question 1

The process by which organizations assess the data they hold and the level of protection it should be given based on its risk to loss or harm from disclosure is called

Options :

A : Information Classification

B : Information shielding

C : Security Category

D : Information Categorization

Answer: A

Question 2

You have just resumed to a new role in the HR department and discovered that the department pays lip service to security of company’s asset. You notice that staff information is openly displayed on desk and desktops are not locked when they leave their seats. Which of the CIA triad is mostly affected?

Options :

A : Integrity

B : Availability

C : Accountability

D : Confidentiality

Answer: D

Question 3

T in STRIDE stands for

Options :

A : Tapping

B : Treatment

C : Togetherness

D : Tampering

Answer: D

Question 4

Which of the following statement is false?

Options :

A : U.S. law tends to encourage retaining information, whereas EU law tends to encourage deleting it

B : The least famous data privacy regulation is the European Union’s General Data Protection Regulation (GDPR) in EU.

C : Canada’s data privacy policy is called Personal Information Protection and Electronic Documents Act.

D : The United States regulates the storage of credit and other financial information.

Answer: B

Question 5

Record of information about identified risks is called

Options :

A : Risk

B : Risk Mitigation Planning

C : Risk register

D : Risk management

Answer: C

Higher Test Marks with Free Online IIBA-CCA Exam Practice

Buying Options: