Section 5.1

Demonstrate your acquired knowledge about elements of effective security governance. This will demonstrate your proficiency for section 5.1 of the Security+ SY0-701 objectives.

1 / 25 What ensures global security frameworks align with local regulations?
- Crosswalk matrices
- Compliance drills
- Encryption suites
- Executive boards

2 / 25 How do policies contribute to security governance?
- Limit logs
- Remove risks
- Define requirements
- Predict traffic

3 / 25 What is the main function of a playbook in governance?
- Suggest optional actions
- Track license usage
- Guide repeatable responses
- Replace policies entirely

4 / 25 Which tool is typically used during response simulations to improve readiness?
- Tabletop exercise
- Code walkthrough
- Logic tree audit
- Risk profile

5 / 25 Which type of external governance driver includes GDPR or HIPAA?
- Industry ethics
- Legal mandates
- Government loans
- System standards

6 / 25 A data custodian is responsible for which of the following tasks?
- Granting access
- Monitoring trends
- Maintaining data integrity
- Setting risk thresholds

7 / 25 Which term defines the legal party responsible for data decisions?
- Analyst
- Controller
- Steward
- Owner

8 / 25 Why is encryption standardization important in policy development?
- It simplifies code
- It improves UI
- It ensures uniform protection
- It speeds auditing

9 / 25 Which security document outlines exact response steps during a breach?
- Audit ledger
- Incident response plan
- Business license
- Ethics agreement

10 / 25 Which process ensures outdated policies are corrected over time?
- Role tracking
- Baseline logging
- Monitoring and revision
- Standard cataloging

11 / 25 Which type of governance structure may lead to inconsistent control enforcement?
- Open-source model
- Centralized schema
- Decentralized authority
- Regulatory framework

12 / 25 What is one purpose of a governance committee in cybersecurity?
- Stop encryption
- Avoid logging
- Oversee policy development
- Limit user training

13 / 25 Which external driver requires compliance with industry-specific rules?
- National secret
- Privacy ethics
- Regulatory mandate
- Business lifecycle

14 / 25 Which policy would address user rights during system onboarding?
- Encryption guide
- Access control policy
- National directive
- Regulatory law

15 / 25 What does a password standard typically enforce?
- Incident metrics
- Chain of command
- Length and complexity
- Role-based rules

16 / 25 Which of the following best describes a standard in security governance?
- Suggestive template
- Mandatory baseline
- Internal discussion
- Reactive process

17 / 25 Which governance structure may involve cross-functional executive participation?
- Decentralized model
- Static workgroup
- Steering committee
- Open source board

18 / 25 Which policy outlines business priorities following a crisis?
- Ethics code
- Logging standard
- Business continuity
- Operational playbook

19 / 25 What is a common outcome of poor change management procedures?
- Faster patches
- Tighter access
- Configuration drift
- Streamlined audit

20 / 25 Why is the SDLC policy vital for secure software delivery?
- Prevents hardware failure
- Ensures version rollback
- Integrates security from start
- Tracks marketing efforts

21 / 25 What is a disaster recovery plan primarily designed to support?
- Legal discovery
- Revenue modeling
- System restoration
- Ethical training

22 / 25 Which role is accountable for day-to-day handling of secure datasets?
- Risk officer
- Data steward
- Process owner
- Compliance lead

23 / 25 Who is primarily responsible for defining data sensitivity levels?
- Data processor
- Data controller
- Data custodian
- Policy steward

24 / 25 What is the purpose of an information security policy?
- Enforce physical barriers
- Provide tactical fixes
- Outline organizational intent
- Direct national compliance

25 / 25 Which document defines employee responsibilities for proper system access and usage?
- Playbook
- Incident plan
- Acceptable use policy
- Lifecycle checklist