Learning Outcome 01 Sample questions IDENTIFY SECURITY

REQUIREMENTS
Total Marks: 100

Data Security Fundamentals (30 marks)

1. Identify and discuss the three components of the CIA Triad. (6 marks)

2. Describe each of the following security fundamentals:

a. CIA Triad

b. Principle of Least Privilege

c. Defense in Depth Model (9 marks)

3. Explain three applications of computer networks that relate to data security. (6 marks)

4. Why is it important to protect critical data assets? Give three reasons. (3 marks)

5. Describe how the Principle of Least Privilege enhances data security within an organization.

(6 marks)

Identifying and Analyzing Data Sources (25 marks)

6. Discuss the purpose and importance of each of the following data sources in network security
monitoring:

a. Vulnerability Scan Output

b. SIEM Dashboards

c. Log Files (9 marks)

7. Explain the roles of the following monitoring tools and their applications in data security:

a. Bandwidth Monitors

b. Network Monitors

c. Protocol Analyser Output (9 marks)

9. How does a vulnerability scan contribute to the identification of data security risks? (3 marks)

Asset Management and Inventory (15 marks)

10. Define asset inventory and explain its significance in data security management. (5 marks)

11. Describe the main function of Nmap and explain how it is used in asset management. (6 marks)

12. Explain two challenges organizations might face in establishing and maintaining an accurate
asset inventory. (4 marks)

Risk Identification and Management (30 marks)

13. List and define four types of risks commonly associated with data security. (8 marks)

14. Describe each of the following risk management strategies, providing examples where
applicable:

a. Acceptance

b. Avoidance

c. Transference

d. Mitigation (12 marks)

15. What is the importance of risk management in data security, and how does it contribute to
organizational resilience? (5 marks)

16. Identify two benefits of implementing risk avoidance as a risk management strategy. (5 marks)

Compiling and Managing a Risk Register (20 marks)

17. Explain the role of a risk register in data security management and why it is a critical
component. (6 marks)

18. List and describe five essential components of a risk register. (10 marks)

19. Discuss two ways in which a risk register supports effective communication within a security
team. (4 marks)
Answers

Section A: Data Security Fundamentals (30 marks)

1. Identify and discuss the three components of the CIA Triad. (6 marks)

Confidentiality: Ensures that data is only accessible to authorized individuals, preventing

Integrity: Ensures that data remains accurate and unaltered unless changed by authorized entities,
protecting it from tampering.

Availability: Ensures that data and resources are accessible to authorized users when needed,
preventing disruptions in access.

2. Describe each of the following security fundamentals:

a. CIA Triad: Protects data by maintaining confidentiality, integrity, and availability, which are
essential for secure data management.

b. Principle of Least Privilege: Limits user access to only what is necessary for their role,
reducing the risk of unauthorized access.

c. Defense in Depth Model: Uses multiple layers of security controls to protect data, minimizing
risks if one control is breached. (9 marks)

3. Explain three applications of computer networks that relate to data security. (6 marks)

Virtual Private Networks (VPNs): Provide secure, encrypted connections over public networks.

Firewall Protection: Monitors and controls network traffic based on security rules to prevent
unauthorized access.

Intrusion Detection Systems (IDS): Monitor network traffic for suspicious activities and potential
threats.

4. Why is it important to protect critical data assets? Give three reasons.

Protects the organization’s intellectual property.

Maintains customer trust and compliance with regulations.

Prevents financial losses due to data breaches.

5. Describe how the Principle of Least Privilege enhances data security within an
organization. (6 marks)

The Principle of Least Privilege limits each user’s access to only what they need to perform their
job, reducing the risk of accidental or intentional misuse of data and minimizing the damage caused
if an account is compromised.

Identifying and Analyzing Data Sources (25 marks)

6. Discuss the purpose and importance of each of the following data sources in network
security monitoring:

a. Vulnerability Scan Output: Identifies security weaknesses in systems, allowing timely

b. SIEM Dashboards: Aggregate data from various sources, providing a centralized view of
potential security incidents.

c. Log Files: Record events within systems, useful for tracking access and identifying suspicious
activity. (9 marks)

7. Explain the roles of the following monitoring tools and their applications in data security:

a. Bandwidth Monitors: Detect unusual spikes in bandwidth that may indicate data exfiltration
or DDoS attacks.

b. Network Monitors: Track network traffic to detect abnormal patterns that could signal
potential threats.
 c. Protocol Analyser Output: Analyzes protocols and data flows to identify malicious activity
within network communications. (9 marks)

8. Identify two key benefits of using SIEM dashboards in managing network security. (4
marks)

Centralized monitoring: Enables a consolidated view of security events across systems.

Improved threat detection: Correlates events from various sources to identify potential threats
more accurately.

9. How does a vulnerability scan contribute to the identification of data security risks? (3
marks)

A vulnerability scan identifies weak points in the system that can be exploited by attackers,
enabling proactive steps to mitigate these risks before they can be leveraged in an attack.

Asset Management and Inventory (15 marks)

10. Define asset inventory and explain its significance in data security management. (5
marks)

Asset inventory is a comprehensive list of all IT assets within an organization, crucial for
identifying and managing all resources requiring protection. It ensures that security measures are
applied consistently across all assets.

11. Describe the main function of Nmap and explain how it is used in asset management.

(6 marks)

Nmap (Network Mapper) scans and maps network devices, identifying active systems, open ports,
and vulnerabilities. It helps in asset management by providing an updated view of all connected
devices, their security posture, and any unauthorized systems.

12. Explain two challenges organizations might face in establishing and maintaining an
accurate asset inventory. (4 marks)

Frequent changes in assets: Devices and software are frequently added or removed, requiring
constant updates.
Shadow IT: Unauthorized devices or software in use that bypass the inventory process, leading to
security risks.

Risk Identification and Management (30 marks)

13. List and define four types of risks commonly associated with data security. (8 marks)

Operational Risk: Risks arising from failed processes, systems, or policies.

Compliance Risk: Risks from noncompliance with laws and regulations.

Financial Risk: Risks associated with financial loss from data breaches.

Reputational Risk: Risks to the organization’s reputation due to security incidents.

14. Describe each of the following risk management strategies, providing examples where
applicable:

a. Acceptance: Acknowledging a risk but taking no action, often for low impact risks.

b. Avoidance: Eliminating the risk by choosing not to engage in certain activities, such as not
storing sensitive data.

c. Transference: Shifting the risk to another party, such as through cyber insurance.

d. Mitigation: Taking action to reduce the likelihood or impact of the risk, such as implementing
firewalls. (12 marks)

15. What is the importance of risk management in data security, and how does it contribute
to organizational resilience? (5 marks)

Risk management identifies and mitigates potential security threats, enabling proactive planning
and resilience, minimizing disruptions, and protecting the organization’s assets and reputation.

16. Identify two benefits of implementing risk avoidance as a risk management strategy. (5
marks)

Reduces exposure: By avoiding certain activities, organizations can eliminate associated risks.

Focuses resources: Allows organizations to allocate resources to areas with unavoidable risks,
enhancing overall security.
Compiling and Managing a Risk Register (20 marks)

17. Explain the role of a risk register in data security management and why it is a critical
component. (6 marks)

A risk register is a tool for documenting identified risks, their potential impact, and mitigation
measures. It is critical because it provides a structured approach to managing risks, ensuring
accountability and continuous monitoring.

18. List and describe five essential components of a risk register. (10 marks)

Risk ID: A unique identifier for each risk.

Description: Brief details of the risk.

Impact: The potential consequences if the risk materializes.

Likelihood: The probability of the risk occurring.

Mitigation Strategy: Steps taken to prevent or reduce the risk’s impact.

19. Discuss two ways in which a risk register supports effective communication within a
security team. (4 marks)

Clarity on Responsibilities: Clearly defines risk owners and mitigation steps.

Ongoing Updates: Provides a reference for all team members to stay informed on evolving risks
and strategies.