TQ security assessment questions and answers
Q1. A Security team is working with a client to evaluate the security of data and IT functions that are most critical to the operation and success of their organization. Which three security goals align and prioritize security efforts to the business goals?
Ans: Confidentiality, Integrity, and Availability
Q. Company A acquired Company B and they realize that their standard security policy documents do not match. They escalate this issue to the company’s central Security team, who implements a plan to formalize security strategy, high-level responsibilities, policies and procedures around security of both companies. Which security principle is illustrated in this example?
Q. A client wishes to update their legacy system even though there have been no security breaches since its implementation five years ago. If the client has not suffered any attacks, why is it still necessary to update their system?
Ans: Because new security threats emerge all the time.
Q. What is IT Company A ’s approach when it comes to helping our clients with security?
Ans: Create a universal security solution to fit the needs of all clients. IT Comoany A ‘s unique platform can be embedded in any client architecture.
Q. What does “The Principle of Least Privilege” mean as applied to security?
Ans: Each user should have only the absolute minimum permissions necessary to complete their current responsibilities.
Q. IT Company A ’s Security practice makes use of a number of accelerators when building solutions for our clients. What is the purpose of these accelerators?
Ans: to deploy and integrate security features in a shorter period of time
Q. Which term refers to the fraudulent practice of using email communication to induce individuals to divulge confidential or personal information?