IBM Security Foundations Practice Exam: Test Your Knowledge 2025

What is the primary purpose of the CIA triad in information security?

A financial institution needs to implement defense in depth. Which approach best represents this security strategy?

Which security principle states that users should only have the minimum level of access necessary to perform their job functions?

An organization discovers that an employee accessed sensitive customer data without authorization. Which type of threat does this represent?

A security team is implementing a risk management framework. After identifying and analyzing risks, they decide to purchase cyber insurance to cover potential losses from a data breach. What risk management strategy are they employing?

In a zero trust security model, which statement best describes the fundamental approach to network access?

What is the primary function of a firewall in network security?

A company needs to secure data transmission between their headquarters and remote branch offices over the Internet. Which technology should they implement?

An Intrusion Detection System (IDS) has identified suspicious activity on the network. What is the key difference between an IDS and an Intrusion Prevention System (IPS)?

What type of encryption ensures that data stored on hard drives, databases, or backup media remains protected even if the physical storage is compromised?

A security architect is designing a network segmentation strategy to isolate sensitive payment card data from the general corporate network. Which approach best supports this requirement while maintaining PCI DSS compliance principles?

What is the primary purpose of Multi-Factor Authentication (MFA)?

An employee has left the company. According to identity and access management best practices, what should be the immediate action regarding their access credentials?

What is the primary benefit of implementing Single Sign-On (SSO) in an enterprise environment?

In Role-Based Access Control (RBAC), access permissions are assigned based on what criteria?

An organization implements privileged access management (PAM) for administrator accounts. Which capability is most critical to include in this solution?

During a security incident, what is the primary purpose of the containment phase in the incident response process?

A Security Operations Center (SOC) analyst receives an alert about unusual outbound network traffic from a server. What should be the first step in responding to this potential incident?

What is the primary purpose of maintaining chain of custody in a security incident investigation?

An organization conducts regular vulnerability assessments and penetration testing. What is the key difference between these two activities?