2026 QUESTIONS AND SOLUTIONS
GUARANTEED TO PASS
◉ The cornerstone of all security: Everything done in security addresses
one or more of these three things:
Confidentiality, Integrity, Availability
Confidentiality - Only those who need to access something can; ties into
the principle of least privilege
Integrity - data is edited correctly and by the right people. Failure ex.:
Delta $5 round-trip tickets to anywhere Delta flies / attack on the
pricing database
Availability - If you cannot use it, why do you have it? Answer: CIA
Triad
◉ Pharmaceuticals, government, and research. Answer: Confidentiality
◉ Financials maintained in part by confidentiality. Answer: Integrity
◉ eCommerce ex.: Amazon makes $133,000 per minute, thus denial of
service is a critical business impact; a power company needs to keep the
lights on = availability issue. Answer: Availability
◉ Authentication, Authorization, Accountability. Answer: AAA
◉ Detailed steps to make policy happen. Answer: Procedure
◉ Policy, Procedure and Training. Answer: PPT
◉ Users must know what policies and procedures say to follow them.
Answer: Training
◉ Broad general statement of management's intent to protect
information. Answer: Policy
◉ A security professional needs to be:
1/3 technologist
1/3 manager
1/3 lawyer
-This is the perfect summation of the career field.
-Technology supports security efforts
-Management decisions (and budgets) drive security
-Legal issues mandate security requirements. Answer: Security by
Thirds
◉ Senior Mgmt:
-Has legal responsibility to protect the assets of the org;
that gives them the ultimate responsibility for security
-Authority can be delegated - responsibility cannot be
Data owner - person or office with primary responsibility for data;
owners determine classification, protective measures and more
Data custodian - the person/group that implements the controls; makes
the owner's decisions happen
Users - use data; are also automatically data custodians. Answer:
Security Roles and Responsibilities
◉ safety of people. Answer: Number 1 Goal of Security
◉ Years ago: teenagers
Today: we face organized crime and nation states
-well funded
-highly motivated
Disgruntled insider: difficult to counter; tends to be subtle; often
damaging or even devastating
Accidental insider: common; also tends to be subtle; in aggregate, even
more damaging
Outsider threat source - inside threat actor: a growing problem, the current
most-common attack vector
2014 - 47% of U.S. adults had private data compromised in a breach
(NBC News)
FBI can prove it was North Korea that attacked Sony. Answer: Nature of
the Threat
◉ . Answer: Security Policy
◉ . Answer: Separation of Duties
◉ . Answer: Acceptable Use Policy
◉ Verify identity; is Keith really Keith?
(1) Verifying the integrity of a transmitted message. See message
integrity, e-mail authentication and MAC.
(2) Verifying the identity of a user logging into a network. Passwords,
digital certificates, smart cards and biometrics can be used to prove the