SOC Information Security and Data Privacy Controls

Question 1

What is the primary goal of access control in information security?

Accepted Answer

Restrict unauthorized access

Answer

Create user logs

Answer

Allow open access for audits

Answer

Monitor network performance

Question 2

Which encryption method uses a pair of public and private keys?

Accepted Answer

Asymmetric encryption

Answer

Hashing

Answer

Symmetric encryption

Answer

Data masking

Question 3

Which framework provides criteria for managing privacy risks?

Accepted Answer

NIST Privacy Framework

Answer

COBIT

Answer

ISO 22301

Answer

COSO

Question 4

Which of the following is a key component of a data privacy policy?

Accepted Answer

Data retention requirements

Answer

Network bandwidth rules

Answer

File system cleanup

Answer

System boot sequence

Question 5

Why are audit logs important in information security?

Accepted Answer

To track user activity and system changes

Answer

To back up files

Answer

To encrypt passwords

Answer

To monitor marketing campaigns

Question 6

What control ensures data is not improperly altered?

Accepted Answer

Integrity control

Answer

Confidentiality control

Answer

Availability control

Answer

Firewall policy