Security & Compliance Knowledge Check
Instructions
Test your understanding of security and compliance concepts covered in Module 2.
Passing Score: 80% (8 out of 10 questions correct)
Questions
Question 1
What does the CIA triad in information security represent?
A) Central Intelligence Agency guidelines
B) Confidentiality, Integrity, Availability
C) Cloud Infrastructure Architecture
D) Compliance, Identity, Access
Correct Answer: B
Explanation: The CIA triad represents the three fundamental principles of information security.
Reference: /level-50/module-02-security-compliance/security-compliance-basics/
Question 2
Which authentication factor includes passwords and PINs?
A) Something you are
B) Something you have
C) Something you know
D) Somewhere you are
Correct Answer: C
Explanation: Knowledge factors include passwords, PINs, and security questions.
Reference: /level-50/module-02-security-compliance/data-protection-principles/
Question 3
What is the principle of least privilege?
A) Giving users maximum access for convenience
B) Providing minimum necessary permissions for job function
C) Allowing equal access for all users
D) Restricting access only to sensitive data
Correct Answer: B
Explanation: Least privilege means providing only the minimum permissions necessary.
Reference: /level-50/module-02-security-compliance/compliance-frameworks/
Question 4
Which compliance framework is specifically for healthcare data in the US?
A) GDPR
B) SOC 2
C) HIPAA
D) PCI DSS
Correct Answer: C
Explanation: HIPAA specifically protects healthcare data in the United States.
Reference: /level-50/module-02-security-compliance/security-compliance-basics/
Question 5
What does “defense in depth” mean?
A) Having the strongest perimeter security
B) Using multiple layers of security controls
C) Focusing on the most critical vulnerabilities
D) Implementing security only at network level
Correct Answer: B
Explanation: Defense in depth uses multiple security layers for comprehensive protection.
Reference: /level-50/module-02-security-compliance/data-protection-principles/
Question 6
What is the primary purpose of data classification?
A) To organize files in folders
B) To determine appropriate protection levels
C) To improve search capabilities
D) To reduce storage costs
Correct Answer: B
Explanation: Data classification determines what protection measures are needed.
Reference: /level-50/module-02-security-compliance/compliance-frameworks/
Question 7
Which type of encryption protects data during transmission?
A) Encryption at rest
B) Encryption in use
C) Encryption in transit
D) Encryption in storage
Correct Answer: C
Explanation: Encryption in transit protects data moving between systems.
Reference: /level-50/module-02-security-compliance/security-compliance-basics/
Question 8
What is multi-factor authentication designed to provide?
A) Faster login times
B) Single sign-on capability
C) Enhanced security through multiple verification methods
D) Simplified password management
Correct Answer: C
Explanation: MFA enhances security by requiring multiple forms of verification.
Reference: /level-50/module-02-security-compliance/data-protection-principles/
Question 9
In RBAC, what are permissions typically assigned to?
A) Individual users directly
B) Roles that users are assigned to
C) Applications and systems
D) Network segments
Correct Answer: B
Explanation: In RBAC, permissions are assigned to roles, and users are assigned to roles.
Reference: /level-50/module-02-security-compliance/compliance-frameworks/
Question 10
What is the shared responsibility model in cloud security?
A) All security is the provider’s responsibility
B) All security is the customer’s responsibility
C) Clear division of security responsibilities between provider and customer
D) Security responsibilities are shared equally
Correct Answer: C
Explanation: The shared responsibility model clearly divides security responsibilities.
Reference: /level-50/module-02-security-compliance/security-compliance-basics/
Scoring
- 8-10 correct: Excellent understanding, proceed to Module 3
- 6-7 correct: Good understanding, review missed concepts
- Below 6: Review Module 2 content before proceeding
Next Steps
- ✅ Review any missed concepts
- ✅ Proceed to Microsoft Azure Overview
- ✅ Continue with Module 3: Azure Fundamentals
Assessment Created: November 2025