Infrastructure Security Specialist Associate DCA Practice Exam

This exam evaluates knowledge of infrastructure security fundamentals such as physical security design, network infrastructure protection, intrusion detection, critical asset management, cloud infrastructure security practices, encryption use, vulnerability assessment, and secure configuration standards. It includes hands-on scenario questions involving data center protection, endpoint hardening, disaster recovery, and secure connectivity, and is suitable for early-career infrastructure and cybersecurity professionals.

Typology: Exams

2025/2026

Available from 01/14/2026

shilpi-jain-1
Infrastructure Security Specialist Associate
DCA Practice Exam
**Question 1.** Which governance framework is most closely aligned with the
“Plan-Do-Check-Act” (PDCA) cycle for information security management?
A) COBIT
B) ISO/IEC 27001
C) NIST CSF
D) ITIL
Answer: B
Explanation: ISO/IEC 27001 explicitly structures its Information Security Management System
(ISMS) around the PDCA model, guiding continual improvement of security controls.
**Question 2.** In a RACI matrix for a security program, who is typically responsible for
authorizing the final security policy?
A) Responsible
B) Accountable
C) Consulted
D) Informed
Answer: B
Explanation: The “Accountable” role holds ultimate ownership and decision-making authority,
such as approving security policies.
**Question 3.** A company wants to embed security awareness into its corporate culture.
Which of the following is the most effective first step?
A) Conduct a one-time phishing test.
B) Publish a lengthy security handbook.
C) Integrate security objectives into employee performance reviews.
D) Hire an external security consultant.


Answer: C
Explanation: Tying security behavior to performance metrics creates ongoing accountability and cultural reinforcement.
**Question 4.** Which legal principle requires an organization to protect personal data against unauthorized access and disclosure?
A) Duty of Care
B) Data Minimization
C) Right to be Forgotten
D) Confidentiality Obligation under GDPR
Answer: D
Explanation: GDPR mandates that controllers implement appropriate technical and organizational measures to ensure data confidentiality.
**Question 5.** When developing a security strategy, the “Desired State” is best described as:
A) The current inventory of assets.
B) The set of controls already in place.
C) The future security posture aligned with business goals.
D) The budget allocated for security projects.
Answer: C
Explanation: The Desired State articulates the target security condition the organization aims to achieve, reflecting business objectives and risk appetite.
**Question 6.** Which component of a business case for a security investment directly addresses the “risk-to-benefit” analysis?
A) Cost-Benefit Ratio


A. Encryption of all data at rest.
B. Classification of data based on sensitivity.
C. Deployment of firewalls at the network perimeter.
D. Use of multi-factor authentication for all users.
Answer: B
Explanation: Information governance involves establishing policies for data classification, handling, and lifecycle management.
**Question 10.** When budgeting for a multi-year security program, which metric best supports justification for ongoing funding?
A. Number of firewalls deployed.
B. Percentage of assets scanned for vulnerabilities.
C. Reduction in residual risk over time.
D. Total number of security staff hired.
Answer: C
Explanation: Demonstrating a measurable decline in residual risk validates continued investment and aligns with strategic objectives.
**Question 11.** In risk assessment, which technique converts likelihood and impact scores into a single numeric value?
A. Qualitative risk matrix
B. Monte Carlo simulation
C. Quantitative risk analysis using Annualized Loss Expectancy (ALE)
D. SWOT analysis
Answer: C


Explanation: Quantitative risk analysis, such as ALE, multiplies probability (annual rate of occurrence) by impact (single loss expectancy) to produce a numeric risk value.
**Question 12.** Which of the following best describes a “threat actor”?
A. The vulnerability present in a system.
B. The organization’s security policy.
C. The individual or group that may exploit a vulnerability.
D. The asset that is being protected.
Answer: C
Explanation: A threat actor is the person, group, or entity capable of initiating an attack against a target.
**Question 13.** A qualitative risk assessment is most appropriate when:
A. Precise monetary loss values are required.
B. Historical incident data is abundant.
C. Stakeholder perception of risk is a key driver.
D. The organization has a mature risk management framework.
Answer: C
Explanation: Qualitative assessments rely on subjective judgments and stakeholder perceptions rather than exact numerical data.
**Question 14.** Which risk treatment option involves transferring the financial impact of a risk to a third party?
A. Mitigation
B. Acceptance
C. Avoidance


A. Reduce the number of assets owned.
B. Update risk assessments with emerging threats.
C. Eliminate all vulnerabilities.
D. Increase the frequency of security training.
Answer: B
Explanation: Ongoing threat intelligence enables timely updates to risk registers and control priorities.
**Question 18.** Which report is most suitable for presenting risk status to the Board of Directors?
A. Detailed technical vulnerability scan report
B. Executive risk dashboard summarizing key risks and treatment status
C. Daily incident ticket log
D. IT service level agreement (SLA) compliance report
Answer: B
Explanation: Board-level reports require concise, high-level overviews of risk exposure and remediation progress.
**Question 19.** Integration of risk management into IT processes is best achieved by:
A. Conducting risk assessments annually only.
B. Embedding risk owners in change management workflows.
C. Isolating risk activities from development teams.
D. Outsourcing all risk decisions to a consulting firm.
Answer: B
Explanation: Including risk owners in change management ensures that new changes are evaluated for risk impact before implementation.


**Question 20.** When selecting security controls from ISO/IEC 27002:2022, which principle should guide the choice?
A. Choose the most expensive controls.
B. Implement all controls regardless of relevance.
C. Select controls that address identified risks and align with business objectives.
D. Apply controls only to external-facing systems.
Answer: C
Explanation: Controls must be risk-driven and support the organization’s strategic goals, ensuring efficient resource use.
**Question 21.** Asset classification that emphasizes “Availability” is most critical for which type of asset?
A. Intellectual property documents
B. Customer credit card numbers
C. Real-time patient monitoring system
D. Historical financial records
Answer: C
Explanation: Real-time monitoring systems require high availability to ensure patient safety; confidentiality is secondary.
**Question 22.** Which security architecture principle ensures that a compromise in one component does not automatically compromise the entire system?
A. Defense in depth
B. Least privilege
C. Segmentation (or isolation)


C. Replace regular vulnerability scanning.
D. Train the incident response team.
Answer: B
Explanation: Pen tests simulate real attacks to uncover exploitable weaknesses in systems and processes.
**Question 26.** Which of the following is a Key Risk Indicator (KRI) for insider threat risk?
A. Number of external ports open on the firewall.
B. Frequency of privileged account password changes.
C. Average time to resolve a vulnerability.
D. Number of successful phishing attempts reported.
Answer: D
Explanation: Reported phishing successes indicate user susceptibility and potential insider compromise.
**Question 27.** A KPI that measures “Mean Time to Detect” (MTTD) is most relevant to which security domain?
A. Governance and Strategy
B. Risk Management
C. Program Development
D. Incident Management
Answer: D
Explanation: MTTD assesses the speed of detecting security incidents, a core performance indicator for incident response.
**Question 28.** The PDCA cycle’s “Check” phase primarily involves:


A. Deploying new security technologies.
B. Monitoring and measuring control performance against objectives.
C. Defining security policies.
D. Conducting risk assessments.
Answer: B
Explanation: “Check” focuses on evaluating whether controls meet defined goals and identifying gaps.
**Question 29.** Which of the following best exemplifies a “preventive” control?
A. Log file analysis after an incident.
B. Multi-factor authentication for remote access.
C. Incident post-mortem review.
D. Backup restoration testing.
Answer: B
Explanation: MFA prevents unauthorized access before it occurs, making it a preventive control.
**Question 30.** Which control type is considered “detective”?
A. Encryption of data at rest.
B. Network intrusion detection system (NIDS).
C. Role-based access control (RBAC).
D. Security awareness training.
Answer: B
Explanation: NIDS monitors traffic to identify malicious activity after it has begun, serving a detective function.


Explanation: Critical incidents have significant impact and require executive oversight and decision-making.
**Question 34.** The primary purpose of containment in incident response is to:
A. Eradicate the root cause.
B. Preserve evidence for forensics.
C. Limit the spread of the malicious activity.
D. Restore services to normal operation.
Answer: C
Explanation: Containment aims to prevent further damage by isolating affected systems or networks.
**Question 35.** Which of the following is an essential component of evidence handling for digital forensics?
A. Deleting logs to protect privacy.
B. Maintaining a chain of custody documentation.
C. Encrypting evidence after collection only.
D. Using any available tool for analysis, regardless of validation.
Answer: B
Explanation: A documented chain of custody ensures evidence integrity and admissibility in legal proceedings.
**Question 36.** A “lessons learned” meeting should be scheduled:
A. Immediately after the incident is declared closed.
B. One year after the incident to allow for reflection.
C. Only if the incident caused financial loss.


D. After the next audit cycle.
Answer: A
Explanation: Prompt debriefs capture accurate details and enable timely improvements to processes.
**Question 37.** Which regulatory framework specifically mandates a “Data Protection Impact Assessment” (DPIA) for high-risk processing?
A. HIPAA
B. PCI DSS
C. GDPR
D. SOX
Answer: C
Explanation: GDPR requires DPIAs when processing activities are likely to result in high risk to individuals’ rights and freedoms.
**Question 38.** In ISO/IEC 27001, the term “Statement of Applicability” (SoA) refers to:
A. A list of all assets owned by the organization.
B. Documentation of which controls are selected and why.
C. The incident response escalation matrix.
D. The risk treatment plan.
Answer: B
Explanation: The SoA declares the controls chosen from Annex A and justifies their inclusion or exclusion.
**Question 39.** Which of the following is a primary objective of a Security Operations Center (SOC)?


**Question 42.** In the context of supply-chain security, a “vendor risk rating” is primarily used to:
A. Determine the price of services.
B. Prioritize monitoring and mitigation efforts based on risk level.
C. Evaluate the vendor’s marketing strategy.
D. Assign internal staff to the vendor.
Answer: B
Explanation: Risk ratings classify vendors by their security posture, guiding resource allocation for oversight.
**Question 43.** Which of the following is a typical output of a vulnerability assessment?
A. Incident response playbook.
B. List of identified vulnerabilities with severity ratings.
C. Business continuity plan.
D. Security awareness training curriculum.
Answer: B
Explanation: Vulnerability assessments produce a catalog of weaknesses, often scored using CVSS or similar metrics.
**Question 44.** A “hot-site” in disaster recovery planning is defined as:
A. A backup data center with identical hardware, ready for immediate activation.
B. A remote office used for temporary staff relocation.
C. A cloud-based storage repository.
D. An off-site tape archive.
Answer: A


Explanation: Hot-sites provide a fully operational environment that can take over operations with minimal downtime.
**Question 45.** Which of the following best illustrates “risk avoidance”?
A. Purchasing cyber-insurance for ransomware attacks.
B. Discontinuing a high-risk online payment service.
C. Implementing a firewall to block malicious traffic.
D. Accepting the risk because mitigation cost is too high.
Answer: B
Explanation: Avoidance eliminates exposure by removing the activity that creates the risk.
**Question 46.** In the NIST Cybersecurity Framework, the “Identify” function includes:
A. Detecting anomalies.
B. Developing incident response plans.
C. Asset Management and Governance.
D. Recovering from incidents.
Answer: C
Explanation: “Identify” covers understanding the environment, including asset inventory and governance structures.
**Question 47.** Which of the following is an example of a “corrective” control?
A. Enforcing password complexity.
B. Conducting regular security awareness training.
C. Applying a patch after a vulnerability is discovered.
D. Installing a firewall.


C. Asset inventories are static.
D. Security budgets are fixed.
Answer: A
Explanation: Ongoing changes in the threat landscape and technology require regular reassessment of risk.
**Question 51.** Which of the following statements best describes “defense in depth”?
A. Using a single firewall to protect the entire network.
B. Applying multiple, layered security controls across the environment.
C. Relying solely on encryption for data protection.
D. Implementing only preventive controls.
Answer: B
Explanation: Defense in depth employs overlapping controls (preventive, detective, corrective) at various layers to increase resilience.
**Question 52.** A security policy that mandates encryption for all data transmitted over public networks addresses which CIA triad element most directly?
A. Confidentiality
B. Integrity
C. Availability
D. Accountability
Answer: A
Explanation: Encryption protects data from unauthorized disclosure, ensuring confidentiality during transmission.


**Question 53.** Which of the following is a common indicator that a supply-chain attack may be occurring?
A. Sudden increase in network bandwidth usage.
B. Unexpected changes in third-party software binaries.
C. Regularly scheduled system backups.
D. Low CPU utilization on servers.
Answer: B
Explanation: Unauthorized modifications to vendor-provided code are a hallmark of supply-chain compromises.
**Question 54.** In a risk register, the “Likelihood” column typically uses which scale?
A. 1-10 numeric scale.
B. High, Medium, Low.
C. Yes/No.
D. Dollar values.
Answer: B
Explanation: Qualitative risk registers often categorize likelihood as High, Medium, or Low for simplicity.
**Question 55.** Which control family in ISO/IEC 27002 addresses “Cryptographic Controls”?
A. A.8 – Asset Management
B. A.10 – Cryptography
C. A.12 – Operations Security
D. A.14 – System Acquisition, Development and Maintenance
Answer: B