Security & Compliance Knowledge Check
Instructions
Test your understanding of security and compliance concepts covered in Module 2.
Passing Score: 80% (8 out of 10 questions correct)
Questions
Question 1
What does the CIA triad in information security represent?
- A) Central Intelligence Agency guidelines
- B) Confidentiality, Integrity, Availability
- C) Cloud Infrastructure Architecture
- D) Compliance, Identity, Access
Correct Answer: B
Explanation: The CIA triad represents the three fundamental principles of information security.
Question 2
Which authentication factor includes passwords and PINs?
- A) Something you are
- B) Something you have
- C) Something you know
- D) Somewhere you are
Correct Answer: C
Explanation: Knowledge factors include passwords, PINs, and security questions.
Question 3
What is the principle of least privilege?
- A) Giving users maximum access for convenience
- B) Providing minimum necessary permissions for job function
- C) Allowing equal access for all users
- D) Restricting access only to sensitive data
Correct Answer: B
Explanation: Least privilege means providing only the minimum permissions necessary.
Question 4
Which compliance framework is specifically for healthcare data in the US?
- A) GDPR
- B) SOC 2
- C) HIPAA
- D) PCI DSS
Correct Answer: C
Explanation: HIPAA specifically protects healthcare data in the United States.
Question 5
What does “defense in depth” mean?
- A) Having the strongest perimeter security
- B) Using multiple layers of security controls
- C) Focusing on the most critical vulnerabilities
- D) Implementing security only at network level
Correct Answer: B
Explanation: Defense in depth uses multiple security layers for comprehensive protection.
Question 6
What is the primary purpose of data classification?
- A) To organize files in folders
- B) To determine appropriate protection levels
- C) To improve search capabilities
- D) To reduce storage costs
Correct Answer: B
Explanation: Data classification determines what protection measures are needed.
Question 7
Which type of encryption protects data during transmission?
- A) Encryption at rest
- B) Encryption in use
- C) Encryption in transit
- D) Encryption in storage
Correct Answer: C
Explanation: Encryption in transit protects data moving between systems.
Question 8
What is multi-factor authentication designed to provide?
- A) Faster login times
- B) Single sign-on capability
- C) Enhanced security through multiple verification methods
- D) Simplified password management
Correct Answer: C
Explanation: MFA enhances security by requiring multiple forms of verification.
Question 9
In RBAC, what are permissions typically assigned to?
- A) Individual users directly
- B) Roles that users are assigned to
- C) Applications and systems
- D) Network segments
Correct Answer: B
Explanation: In RBAC, permissions are assigned to roles, and users are assigned to roles.
Question 10
What is the shared responsibility model in cloud security?
- A) All security is the provider’s responsibility
- B) All security is the customer’s responsibility
- C) Clear division of security responsibilities between provider and customer
- D) Security responsibilities are shared equally
Correct Answer: C
Explanation: The shared responsibility model clearly divides security responsibilities.
Scoring
- 8-10 correct: Excellent understanding, proceed to Module 3
- 6-7 correct: Good understanding, review missed concepts
- Below 6: Review Module 2 content before proceeding
Next Steps
- ✅ Review any missed concepts
- ✅ Proceed to Microsoft Azure Overview
- ✅ Continue with Module 3: Azure Fundamentals
Assessment Created: November 2025