Multiple Choice Questions & Answers on Data Security

Multiple Choice Questions & Answers on Data Security

1. When leakage of data is done purposely or because of the lack of employee’s concern toward confidential data is called ___________ done by employees of an organization.
a) Ill-intentional data leakage
b) Malfunctioned in database
c) A malfunction in online data
d) ill-intension of an outsider
Answer: Ill-intentional data leakage

2. The three steps of data loss prevention are – Identify, Discover and______________
a) Classify
b) Clarify
c) Deletion
d) Detection
Answer: Classify

3. Data leakage is popularly known as ___________
a) data theft
b) data crack
c) low and slow data theft
d) slow data theft
Answer: low and slow data theft

4. There are __________ major types of data leakage.
a) Two
b) Three
c) Four 
d) Five
Answer: Three

5. ________ is the process of retaining or keeping of data at a secure place for long-term storage.
a) Data archiving
b) Archival Storage
c) Disposal of Data
d) Backup
Answer: Data archiving

6. _____________ focuses on the detection & prevention of sensitive data exfiltration and lost data.
a) Data loss prevention
b) Data loss measurement
c) Data stolen software
d) Data leak prevention
Answer: Data loss prevention

7. ______________ is the unauthorized movement of data.
a) Data exfiltration
b) Data infiltration
c) Data cracking
d) Database hacking
Answer: Data exfiltration.

8. _____________ is the illicit transmission of data from inside an organization or personal system to an external location or recipient.
a) Database hacking
b) Data leakage
c) Data cracking
d) Data revealing
Answer: Data leakage

9. Which of the following is most used rule for backup?
a) 4-2-1 Rule
b) 3-2-1 Rule
c) 4-3-2 Rule
d) 4-3-1 Rule
Answer: 3-2-1 Rule

10. Which of them is not an example of data leakage done using electronic communication with malicious intent?
a) Phishing
b) Spoofed Email
c) Attacks using malware
d) Dumpster diving
Answer: Dumpster diving

11. What is true about data security?
a) Data security is the protection of programs and data in computers and communication systems against unauthorized access
b) It refers to the right of individuals or organizations to deny or restrict the collection and use of information
c) Data security requires system managers to reduce unauthorized access to the systems by building physical arrangements and software checks.
d) All of the above
Answer: All of the above

12. In 3-2-1 rule 2 represents?
a) Copies of our data
b) Different formats
c) Off-site backup
d) None of the above
Answer: Different formats

13. Which of the following is not a form of data archiving?
a) Online
b) Offline
c) Storage arrchiving
d) Cloud-storage
Answer: Storage arrchiving

14. What is Selective archiving?
a) The storage mechanisms we use for archiving data would change over time
b) We will archive only a selective part of data because not all data is equally important.
c) In the real world is archived data which is in an obsolete format.
d) All of the above
Answer: We will archive only a selective part of data because not all data is equally important.

15. Which of the following are data security consideration?
a) Backups
b) Archival Storage
c) Disposal of Data
d) All of the above
Answer: All of the above

16. What is Eliminate potential clues?
a) We have to clear the configuration settings from networking equipment.
b) It can provide crucial clues to a security cracker to break into our network and the systems that reside on it.
c) Both a and b
d) None of the above
Answer: Both a and b

17. Data leakage threats do not usually occur from which of the following?
a) Web and email
b) Mobile data storage
c) USB drives and laptops
d) Television
Answer: Television

18. Which of the following is an example of archives online?
a) On removable media
b) Document files
c) Dedicated archive server
d) DVD drives
Answer: Dedicated archive server

19. Which of them is not an example of physical data leakage?
a) dumpster diving
b) shoulder surfing
c) printers and photocopiers
d) phishing
Answer: phishing

20. Which of them is an example of physical data leakage?
a) Dumpster diving
b) MiTM
c) DDoS
d) Phishing
Answer: Dumpster diving

21. Which of the following will not help us for the secure disposal of data?
a) Destroy the data
b) Destroy the device
c) Keep careful records
d) Destroy access
Answer: Destroy access

22. Which of the following is not a step of data-loss prevention?
a) Identify
b) Manage
c) Classify
d) Discover
Answer: Manage

23. Data leakage threats are done by internal agents. Which of them is not an example of an internal data leakage threat?
a) Data leak by 3rd Party apps
b) Data leak by partners
c) Data leak by employees
d) Data leak from stolen credentials from the desk
Answer: Data leak by 3rd Party apps

24. Mapping of data-flow in an organization is very useful in understanding the risk better due to actual & potential data leakage.
a) True
b) False
Answer: True

25. “Unauthorized” data leakage doesn’t essentially mean intended or malicious.
a) True
b) False
Answer: True

26. Data leakage prevention is based on factors like access controls, persistent, encryption, alerting, tokenization, blocking dynamic data masking, etc.
a) True
b) False
Answer: True

27. Unintentional data leakage can still result in the same penalties and reputational damage.
a) True
b) False
Answer: True

Comments