Practice Library
All MCQs
Browse exam-wise, subject-wise, and country-wise MCQs with explanations.
Choose an option to check your answer.
Correct Answer: B. collecting, processing, storing, and distributing information
Explanation:
Information systems combine people, process, data and technology.
Choose an option to check your answer.
Correct Answer: B. mandatory legal obligations for protecting information
Explanation:
Compliance reduces legal, financial, and reputational risk.
Choose an option to check your answer.
Correct Answer: C. a high-level management statement for information security
Explanation:
Policies communicate management direction and expectations.
Choose an option to check your answer.
Correct Answer: D. safeguards that prevent, detect, or correct security problems
Explanation:
Controls are selected according to risk and requirements.
Choose an option to check your answer.
Correct Answer: C. aligning protection requirements with organizational objectives
Explanation:
Secure planning builds protection into systems before deployment.
Choose an option to check your answer.
Correct Answer: C. documented security requirements or accepted practices
Explanation:
Standards provide consistent security expectations.
Choose an option to check your answer.
Correct Answer: C. a detailed set of steps to implement a policy
Explanation:
Procedures translate policies into repeatable actions.
Choose an option to check your answer.
Correct Answer: A. identifying, assessing, treating, and monitoring risk
Explanation:
Risk management prioritizes protection based on likelihood and impact.
Choose an option to check your answer.
Correct Answer: D. a high-level management statement for information security
Explanation:
Policies communicate management direction and expectations.
Choose an option to check your answer.
Correct Answer: D. safeguards that prevent, detect, or correct security problems
Explanation:
Controls are selected according to risk and requirements.
Choose an option to check your answer.
Correct Answer: D. identifying, owning, classifying, and protecting valuable resources
Explanation:
Asset management helps organizations know what must be protected.
Choose an option to check your answer.
Correct Answer: B. categorize, select, implement, assess, authorize, and monitor
Explanation:
NIST RMF provides a structured security risk process.