1. Which of the following are examples of technical control? [Choose all that apply]

a)-Alarm systems

b)-Router

c)-A non-disclosure agreement (NDA)

d)-Dead-bolted steel doors

e)-Firewall

2. Which type of control identifies a security risk that might be present in a policy, process, or procedure?

a)-Detective

b)-Corrective

c)-Compensating

d)-Preventative

e)-Deterrent

3. Which of the following standard/law focuses on protecting the financial non-public information?

a)-GRAMM-LEACH-BILLEY ACT (GLBA)

b)-Health Insurance Portability and Accountability Act (HIPAA)

c)-Federal Information Security Management Act (FISMMA)

d)-US Privacy Act of 1974

4. Which of the following ISO framework provides requirements for an information security management system and focuses on managing information security within an organization?

a)-31000

b)-27701

c)-27002

d)-27001

5. Which of the following standards provide guidelines for hardening a Webserver?

a)-Center for Internet Security (CIS)

b)-International Organization for Standardization (ISO)

c)-Cloud Control Matrix (CCM)

d)-Statements on Standards for Attestation Engagements (SSAE)