TEST BANK| 2 VERSIONS WITH COMPLETE 450 REAL
EXAM QUESTIONS AND CORRECT DETAILED ANSWERS
(VERIFIED ANSWERS) ALREADY GRADED A+| SANS
SEC 301 EXAM PREP (MOST RECENT!!)
Question 1
Which of the following best defines the “CIA triad” in information
security?
A. Confidentiality, Integrity, Availability
B. Centralized Intelligence Agency
C. Control, Implementation, Assessment
D. Compliance, Investigation, Authorization
Answer: A
Rationale: The CIA triad is the foundational model for security:
Confidentiality (secrecy), Integrity (trustworthiness),
and Availability (accessibility). It guides the design of security
controls.
Question 2
An attacker intercepts a network communication and modifies the
data before it reaches the recipient. Which component of the CIA
triad is primarily violated?
A. Confidentiality
B. Integrity
C. Availability
D. Non-repudiation
Answer: B
Rationale: Integrity ensures that data is not altered in an
unauthorized manner. Modifying data in transit directly attacks
integrity, even if no one else reads it.
Question 3
A DDoS (Distributed Denial-of-Service) attack makes a website
unavailable for several hours. This is a failure of which security
objective?
A. Confidentiality
B. Integrity
C. Availability
D. Authentication
Answer: C
Rationale: Availability means that resources are accessible when
needed. DDoS attacks overwhelm a system, rendering it
inaccessible, thus violating availability.
Question 4
A hospital encrypts patient records so that only authorized
doctors can view them. This best exemplifies:
A. Integrity
B. Confidentiality
C. Availability
D. Authorization
Answer: B
Rationale: Confidentiality limits access to authorized parties.
Encryption is a primary tool to enforce confidentiality.
Question 5
The principle of “least privilege” means:
A. Users should be given the highest possible privileges to reduce
support calls
B. Users and processes should have only the minimum privileges
necessary to perform their assigned functions
C. Privileges are determined by seniority
D. All users should have the same level of access
Answer: B
Rationale: Least privilege reduces the attack surface. If an
account is compromised, the attacker gains only limited rights,
minimizing damage.
Question 6
Which of the following is an example of a “preventive” security
control?
A. Intrusion Detection System (IDS)
B. Firewall rule blocking malicious traffic
C. Security audit log
D. Video surveillance camera
Answer: B
Rationale: Preventive controls stop security incidents before they
occur. A firewall actively blocks unwanted traffic. IDS and logs
are detective; surveillance can be deterrent or detective.
Question 7
A security guard verifying employee badges at the entrance is
an example of which control type?
A. Technical
B. Physical
C. Administrative
D. Compensating