ISC2 CC Exam Questions With 100% Correct
Answers 2024/CC ISC2 Flashcards. 139
Questions and Correct Answers, With Complete
Solution.
What is MAC (Mandatory Access Control)?
The operating system determines who gets access to resources. Much more restricted, not used as
much.
Which of the following is a detection control?:
Bollards
Turnstiles
Firewalls
Smoke sensors
Smoke sensors. By definition, smoke detectors are fire protection devices employed for the early
detection of fire. Firewalls are devices that filter incoming traffic, and are a type of logical preventive
control. Bollards and turnstiles are types of physical preventive controls.
Which of the following is NOT an ethical canon of the ISC2?
-Advance and protect the profession
-Act honorably, honestly, justly, responsibly and legally
-Protect society, the common good, necessary public trust and confidence, and the infrastructure
-Provide active and qualified service to principal
Provide active and qualified service to principal. In the code of ethics, we read "Provide diligent and
competent service to principals", and not "Provide active and qualified service to principals."; all the
other options are valid canons of the code of ethics (see ISC2 Study Guide Chapter 1, Module 5).
Which of the following is a data handling policy procedure?
-Transform
-Destroy
-Encode
-Collect
Destroy. The data handling procedures are 'Classify', 'Categorize', 'Label', 'Store', 'Encrypt', 'Backup', and
'Destroy' (see ISC2 Study Guide, chapter 5, module 3).
Which of the following properties is NOT guaranteed by Digital Signatures?
-Non-Repudiation
-Confidentiality
-Authentication
-Integrity
, Confidentiality. A digital signature is the result of a cryptographic transformation of data which is useful
for providing: data origin authentication, data integrity, and non-repudiation of the signer (see NIST SP
800-12 Rev. 1 under Digital Signature). However, digital signatures cannot guarantee confidentiality (i.e.
the property of data or information not being made available or disclosed).
Which type of attack has the PRIMARY objective controlling the system from outside?
-Cross-Site Scripting
-Rootkits
-Trojans
-Backdoors
Backdoors. Trojans and Rootkits are often used to install backdoors. A backdoor is a malicious feature
that listens for commands on a specific logical port (TCP or UDP) and executes them on the attacked
system or device, thereby giving direct control of the system or device to a malicious outside entity (or
program). Cross-Site Scripting can execute code with the same permissions as the scripts generated by
the target website, compromising the confidentiality and integrity of data transfers between the website
and the client.
Which of the following is an example of an administrative security control?
-Acceptable Use Policies
-No entry signs
-Badge Readers
-Access Control Lists
Acceptable Use Policies. Policies are a type of administrative security controls. An access control list is a
type of technical security control. A badge reader and a 'No entry' sign are types of physical security
controls (see ISC2 Study Guide, Chapter 1, Module 3).
The process of verifying or proving the user's identification is known as:
-Integrity
-Authentication
-Authorization
-Confidentiality
Authentication. Authentication is the verification of the identity of a user, process or device, as a
prerequisite to allowing access to the resources in a given system. In contrast, authorization refers to the
permission granted to users, processes or devices to access specific assets. Confidentiality and integrity
are properties of information and systems, not processes.
A web server that accepts requests from external clients should be placed in which network?
DMZ
Intranet
Internal Network
VPN
DMZ. In Cybersecurity, a DMZ (demilitarized zone) is a physical or logical subnetwork that contains and
exposes external-facing services (such as web services). An Internal Network is an organization-
controlled network that is isolated from external access. An Intranet is itself an internal network that
Answers 2024/CC ISC2 Flashcards. 139
Questions and Correct Answers, With Complete
Solution.
What is MAC (Mandatory Access Control)?
The operating system determines who gets access to resources. Much more restricted, not used as
much.
Which of the following is a detection control?:
Bollards
Turnstiles
Firewalls
Smoke sensors
Smoke sensors. By definition, smoke detectors are fire protection devices employed for the early
detection of fire. Firewalls are devices that filter incoming traffic, and are a type of logical preventive
control. Bollards and turnstiles are types of physical preventive controls.
Which of the following is NOT an ethical canon of the ISC2?
-Advance and protect the profession
-Act honorably, honestly, justly, responsibly and legally
-Protect society, the common good, necessary public trust and confidence, and the infrastructure
-Provide active and qualified service to principal
Provide active and qualified service to principal. In the code of ethics, we read "Provide diligent and
competent service to principals", and not "Provide active and qualified service to principals."; all the
other options are valid canons of the code of ethics (see ISC2 Study Guide Chapter 1, Module 5).
Which of the following is a data handling policy procedure?
-Transform
-Destroy
-Encode
-Collect
Destroy. The data handling procedures are 'Classify', 'Categorize', 'Label', 'Store', 'Encrypt', 'Backup', and
'Destroy' (see ISC2 Study Guide, chapter 5, module 3).
Which of the following properties is NOT guaranteed by Digital Signatures?
-Non-Repudiation
-Confidentiality
-Authentication
-Integrity
, Confidentiality. A digital signature is the result of a cryptographic transformation of data which is useful
for providing: data origin authentication, data integrity, and non-repudiation of the signer (see NIST SP
800-12 Rev. 1 under Digital Signature). However, digital signatures cannot guarantee confidentiality (i.e.
the property of data or information not being made available or disclosed).
Which type of attack has the PRIMARY objective controlling the system from outside?
-Cross-Site Scripting
-Rootkits
-Trojans
-Backdoors
Backdoors. Trojans and Rootkits are often used to install backdoors. A backdoor is a malicious feature
that listens for commands on a specific logical port (TCP or UDP) and executes them on the attacked
system or device, thereby giving direct control of the system or device to a malicious outside entity (or
program). Cross-Site Scripting can execute code with the same permissions as the scripts generated by
the target website, compromising the confidentiality and integrity of data transfers between the website
and the client.
Which of the following is an example of an administrative security control?
-Acceptable Use Policies
-No entry signs
-Badge Readers
-Access Control Lists
Acceptable Use Policies. Policies are a type of administrative security controls. An access control list is a
type of technical security control. A badge reader and a 'No entry' sign are types of physical security
controls (see ISC2 Study Guide, Chapter 1, Module 3).
The process of verifying or proving the user's identification is known as:
-Integrity
-Authentication
-Authorization
-Confidentiality
Authentication. Authentication is the verification of the identity of a user, process or device, as a
prerequisite to allowing access to the resources in a given system. In contrast, authorization refers to the
permission granted to users, processes or devices to access specific assets. Confidentiality and integrity
are properties of information and systems, not processes.
A web server that accepts requests from external clients should be placed in which network?
DMZ
Intranet
Internal Network
VPN
DMZ. In Cybersecurity, a DMZ (demilitarized zone) is a physical or logical subnetwork that contains and
exposes external-facing services (such as web services). An Internal Network is an organization-
controlled network that is isolated from external access. An Intranet is itself an internal network that
