# SEC-1 Quiz: Security Controls

Take this after studying `notes/SEC-1-security-controls.md`.

Reply with answers like:
`1B 2A 3D 4C 5B 6A 7D`

## Questions

1. Which physical control is designed to stop vehicles from approaching a building entrance?

A. Smart card  
B. Bollard  
C. SAML  
D. DLP  

2. Which control grants users only the access needed to perform their job?

A. Zero Trust  
B. SSO  
C. Video surveillance  
D. Least privilege  

3. A company wants to prevent credit card numbers from being emailed outside the organization. Which control fits best?

A. TOTP  
B. APIPA  
C. DLP  
D. Disk Cleanup  

4. Which technology centrally manages mobile device policies such as PIN requirements and remote wipe?

A. ACL  
B. MDM  
C. CCTV  
D. ReFS  

5. Which access model grants elevated admin rights only for a limited time?

A. Workgroup access  
B. Public network profile  
C. File sharing  
D. Just-in-time access  

6. Which authentication method uses a code that changes based on time, often every 30 seconds?

A. TOTP  
B. ACL  
C. DLP  
D. CCTV  

7. Which feature lets a user authenticate once and then access multiple approved resources?

A. Magnetometer  
B. APFS  
C. SSO  
D. exFAT  

8. Which access control model assigns permissions based on the user's role in the organization?

A. DAC (Discretionary)  
B. RBAC (Role-Based)  
C. TOTP  
D. DLP  

9. Which physical security control prevents someone from following an authorized person through a secure door?

A. CCTV  
B. Mantrap or access control vestibule  
C. Badge color coding  
D. SSID broadcast  

10. Which type of control aims to fix a vulnerability or issue after it is detected?

A. Preventive  
B. Detective  
C. Corrective  
D. Deterrent  

11. Which authentication factor type is a smartcard?

A. Something you know  
B. Something you are  
C. Something you have  
D. Something you do  

12. A company requires two of the following to log in: PIN, fingerprint, and a phone app. This is an example of:

A. Single-factor authentication  
B. Multi-factor authentication (MFA)  
C. Zero-trust bypass  
D. Just-in-time SSID  

13. Which security control type defines policies and procedures rather than technical tools?

A. Physical  
B. Technical  
C. Administrative  
D. Detective  

14. Which physical control uses a second locked door to trap and verify a person before granting full access?

A. Bollard  
B. Badge scanner  
C. Mantrap  
D. CCTV  

15. A user authenticates with a fingerprint. Which factor type is this?

A. Something you know  
B. Something you have  
C. Something you are  
D. Something you do  

## Answer Key For Instructor

1. B
2. D
3. C
4. B
5. D
6. A
7. C
8. B
9. B
10. C
11. C
12. B
13. C
14. C
15. C