Version A Complete Questions and Correct
Detailed Answers – Latest Update
Here is a comprehensive set of sample questions and answers for the
SANS SEC 301: Introduction to Cyber Security exam. This test bank
covers the core domains of the course, including security fundamentals,
risk management, network security, cryptography, business continuity,
and incident response.
Section 1: Security Fundamentals and Core Concepts – Questions 1-25
1. Which of the following best defines the concept of the "CIA Triad" in
information security?
A. Confidentiality, Integrity, Availability
B. Central Intelligence Agency protocols for cybersecurity
C. Certification, Integration, Authentication
D. Control, Identification, Authorization
Answer: A. Confidentiality, Integrity, Availability
Rationale: The CIA Triad is the foundational model in information
security. Confidentiality ensures data is accessible only to authorized
users. Integrity ensures data is accurate and unaltered. Availability
ensures data and systems are accessible when needed.
2. A security manager implements a new policy requiring all
employees to use complex passwords and change them every 60
days. Which element of the CIA Triad is this policy primarily designed
to protect?
A. Confidentiality
B. Integrity
C. Availability
D. Authentication
Answer: A. Confidentiality
Rationale: Strong password policies primarily protect confidentiality by
ensuring that only authorized users can access systems and data. While
they indirectly support integrity and availability, the primary goal is
access control.
3. An e-commerce website experiences a distributed denial-of-
service (DDoS) attack that prevents customers from placing orders.
Which element of the CIA Triad is being violated?
A. Confidentiality
B. Integrity
C. Availability
D. Non-repudiation
Answer: C. Availability
Rationale: DDoS attacks flood systems with traffic, making legitimate
services unavailable to users. This directly violates the availability
principle.
4. Which of the following is an example of a physical security
control?
A. Firewall
B. Encryption software
C. Biometric door lock
D. Password policy
Answer: C. Biometric door lock
Rationale: Physical security controls protect physical assets and include
locks, fences, biometric access systems, and security guards. Firewalls
and encryption are technical controls, while password policies are
administrative controls.
5. A company implements a new policy requiring background checks
for all new hires. This is an example of what type of security control?
A. Technical control
B. Administrative control
C. Physical control
D. Detective control
Answer: B. Administrative control
Rationale: Administrative controls (also called managerial controls)
include policies, procedures, background checks, and security
awareness training. They govern how people interact with information
systems.
6. Which type of control is designed to stop an incident from
occurring?
A. Detective control
B. Corrective control
C. Preventive control
D. Compensating control
Answer: C. Preventive control
Rationale: Preventive controls, such as firewalls, locks, and access
controls, are designed to stop security incidents before they happen.
7. An intrusion detection system (IDS) that alerts security personnel
to potential attacks is an example of what type of control?
A. Preventive
B. Detective
C. Corrective
D. Deterrent
Answer: B. Detective control
Rationale: Detective controls identify and alert on ongoing or completed
security incidents. They do not prevent attacks but help organizations
respond to them.
8. Which principle states that users should be granted only the
minimum access necessary to perform their job functions?