GCC Class 1 Lesson 4 Quiz

What security controls provide for the detection of unauthorized access, theft, or alteration of data resources?
A. Data loss prevention (DLP) controls.
B. Change management.
C. Risk avoidance controls.
D. Incident management.

What is the term used for the probability of a potential threat becoming a security incident?
A. Vulnerability.
B. Threat.
C. Incident.
D. Risk.

What type of control methods are intended to mitigate or correct any harm done by the exploitation of a system vulnerability?
A. Preventative.
B. Compensating.
C. Detective.
D. Corrective.

What is the process that identifies the probability of threats becoming incidents?
A. Risk analysis.
B. Risk exposure.
C. Risk assessment.
D. Risk calculation.

What is the security policy that restricts the access authorization of a user to only the resources required to do his or her job?
A. Acceptable use.
B. The principle of least privilege.
C. Privacy policy.
D. Mandatory vacations.