Question 1
What does PCI DSS stand for, and what type of data does it specifically protect?
Answer: Payment Card Industry Data Security Standard. It protects cardholder data, including credit and debit card transaction information, and applies to any organization that stores, processes, or transmits payment card data.
Question 2
Which U.S. federal law mandates security controls for federal agencies and their contractors to protect government information systems?
Answer: FISMA (Federal Information Security Management Act) requires federal agencies to develop, document, and implement information security programs to protect government data and systems.
Question 3
What is the primary purpose of the SOX (Sarbanes-Oxley Act) as it relates to information security?
Answer: SOX requires publicly traded companies to implement internal controls that ensure the accuracy and integrity of financial reporting, including IT controls that protect financial data from unauthorized modification.
Question 4
Which regulation specifically governs the protection of health information in the United States, and what are its two main rules?
Answer: HIPAA (Health Insurance Portability and Accountability Act) governs protected health information (PHI). Its two main rules are the Privacy Rule, which controls use and disclosure of PHI, and the Security Rule, which mandates safeguards for electronic PHI (ePHI).
Question 5
What is the GDPR, and what is the maximum fine an organization can face for a serious violation?
Answer: The General Data Protection Regulation (GDPR) is a European Union law governing the collection and processing of personal data of EU residents. Serious violations can result in fines up to €20 million or 4% of global annual turnover, whichever is higher.