ISC Certified in Cybersecurity Complete
Questions with 100% Correct Answers
Which of the following can be used to map data flows through an organization and the relevant
security controls used at each point along the way? (D5.1, L5.1.1)
a. Encryption
b. Hashing
c. Hard Copy
d. Data Life Cycle
Data Life Cycle
Why is an asset inventory so important?
a. It tells you what to encrypt
b. You can't protect what you don't know you have
c. The law requires it
d. It contains a price list
You can't protect what you don't know you have
Who is responsible for publishing and signing the organization's policies? (D5.3, L5.3.1)
a. Security office
b. Human Resources
c. Senior Management
d. Legal Department
Senior Mangagement
Which of the following is always true about logging? (D5.1, L5.1.3)
a. Logs should be very detailed
b. Logs should be in English
c. Logs should be concise
d. Logs should be stored separately from the systems they're logging
Logs should be stored separately from the systems they're logging
A mode of encryption for ensuring confidentiality efficiently, with a minimum amount of processing
overhead (D5.1, L5.1.3)
a. Asymmetric
b. Symmetric
c. Hashing
d. Covert
Symmetric
A ready visual cue to let anyone in contact with the data know what the classification is. (D5.1, L5.1.1)
a. Encryption
b. Label
c. Graphics
d. Photos
Label
A set of security controls or system settings used to ensure uniformity of configuration throughout
the IT environment. (D5.2, L5.2.1)
a. Patches
,b. Inventory
c. Baseline
d. Policy
Baseline
What is the most important aspect of security awareness/training? (D5.4, L5.4.1)
a. Protecting assets
b. Maximizing business capabilities
c. Ensuring the confidentiality of data
d. Protecting health and human safety
Protecting health and human safety
Which entity is most likely to be tasked with monitoring and enforcing security policy? (D5.3, L5.3.1)
a. The Human Resources Office
b. The legal department
c. Regulators
d. The security office
The security office
Which organizational policy is most likely to indicate which types of smartphones can be used to
connect to the internal IT environment? (D5.3, L5.3.1)
a. The CM policy (change management)
b. The password policy
c. The AUP (acceptable use policy)
d. The BYOD policy (bring your own device)
The BYOD policy (bring your own device)
Common network device used to connect networks.
Server
Endpoint
Router
Switch
Router
A common network device used to filter traffic
Server
Endpoint
Ethernet
Firewall
Firewall
endpoint <------> Web server
Which port number is associated with the protocol typically used in this connection? (D 4.1 L4.1.2)
21
53
80
161
80
, An attack against the availability of a network/system, typically uses many attacking machines to
direct traffic against a given target. (D4.2 L4.2.1)
Worm
Virus
Stealth
DDoS
DDoS
A security solution installed on an endpoint in order to detect potentially anomalous activity. (D4.2
L4.2.2)
Router
Host-Based Intrusion Prevention System
Switch
Security incident and event management system (SIEM)
Host-Based Intrusion Prevention System
A security solution that detects, identifies and often quarantines potentially hostile software. (D4.2,
L4.2.2)
Firewall
Guard
Camera
Anti-Malware
Anti-Malware
The common term used to describe the mechanisms that control the temperature and humidity in a
data center. (D4.3 L4.3.1)
VLAN (virtual local area network)
HVAC (heating, ventilation and air conditioning)
STAT (system temperature and timing)
TAWC (temperature and water control)
HVAC (heating, ventilation and air conditioning)
A cloud arrangement whereby the provider owns and manages the hardware, operating system, and
applications in the cloud, and the customer owns the data. (D4.3 L4.3.2)
Infrastructure as a service (IaaS)
Morphing as a service (MaaS)
Platform as a service (PaaS)
Software as a service (SaaS)
Software as a service (SaaS)
A portion of the organization's network that interfaces directly with the outside world, typically, this
exposed area has more security controls and restrictions than the rest of the internal IT environment.
(D4.3 L4.3.3)
National Institute of Standards and Technology (NIST)
Demilitarized Zone (DMZ)
Virtual Private Network (VPN)
Virtual Local Area Network (VLAN)
Demilitarized Zone (DMZ)
Which of the following tools can be used to grant remote users access to the internal IT environment?
(D 4.3 L4.3.3)
Questions with 100% Correct Answers
Which of the following can be used to map data flows through an organization and the relevant
security controls used at each point along the way? (D5.1, L5.1.1)
a. Encryption
b. Hashing
c. Hard Copy
d. Data Life Cycle
Data Life Cycle
Why is an asset inventory so important?
a. It tells you what to encrypt
b. You can't protect what you don't know you have
c. The law requires it
d. It contains a price list
You can't protect what you don't know you have
Who is responsible for publishing and signing the organization's policies? (D5.3, L5.3.1)
a. Security office
b. Human Resources
c. Senior Management
d. Legal Department
Senior Mangagement
Which of the following is always true about logging? (D5.1, L5.1.3)
a. Logs should be very detailed
b. Logs should be in English
c. Logs should be concise
d. Logs should be stored separately from the systems they're logging
Logs should be stored separately from the systems they're logging
A mode of encryption for ensuring confidentiality efficiently, with a minimum amount of processing
overhead (D5.1, L5.1.3)
a. Asymmetric
b. Symmetric
c. Hashing
d. Covert
Symmetric
A ready visual cue to let anyone in contact with the data know what the classification is. (D5.1, L5.1.1)
a. Encryption
b. Label
c. Graphics
d. Photos
Label
A set of security controls or system settings used to ensure uniformity of configuration throughout
the IT environment. (D5.2, L5.2.1)
a. Patches
,b. Inventory
c. Baseline
d. Policy
Baseline
What is the most important aspect of security awareness/training? (D5.4, L5.4.1)
a. Protecting assets
b. Maximizing business capabilities
c. Ensuring the confidentiality of data
d. Protecting health and human safety
Protecting health and human safety
Which entity is most likely to be tasked with monitoring and enforcing security policy? (D5.3, L5.3.1)
a. The Human Resources Office
b. The legal department
c. Regulators
d. The security office
The security office
Which organizational policy is most likely to indicate which types of smartphones can be used to
connect to the internal IT environment? (D5.3, L5.3.1)
a. The CM policy (change management)
b. The password policy
c. The AUP (acceptable use policy)
d. The BYOD policy (bring your own device)
The BYOD policy (bring your own device)
Common network device used to connect networks.
Server
Endpoint
Router
Switch
Router
A common network device used to filter traffic
Server
Endpoint
Ethernet
Firewall
Firewall
endpoint <------> Web server
Which port number is associated with the protocol typically used in this connection? (D 4.1 L4.1.2)
21
53
80
161
80
, An attack against the availability of a network/system, typically uses many attacking machines to
direct traffic against a given target. (D4.2 L4.2.1)
Worm
Virus
Stealth
DDoS
DDoS
A security solution installed on an endpoint in order to detect potentially anomalous activity. (D4.2
L4.2.2)
Router
Host-Based Intrusion Prevention System
Switch
Security incident and event management system (SIEM)
Host-Based Intrusion Prevention System
A security solution that detects, identifies and often quarantines potentially hostile software. (D4.2,
L4.2.2)
Firewall
Guard
Camera
Anti-Malware
Anti-Malware
The common term used to describe the mechanisms that control the temperature and humidity in a
data center. (D4.3 L4.3.1)
VLAN (virtual local area network)
HVAC (heating, ventilation and air conditioning)
STAT (system temperature and timing)
TAWC (temperature and water control)
HVAC (heating, ventilation and air conditioning)
A cloud arrangement whereby the provider owns and manages the hardware, operating system, and
applications in the cloud, and the customer owns the data. (D4.3 L4.3.2)
Infrastructure as a service (IaaS)
Morphing as a service (MaaS)
Platform as a service (PaaS)
Software as a service (SaaS)
Software as a service (SaaS)
A portion of the organization's network that interfaces directly with the outside world, typically, this
exposed area has more security controls and restrictions than the rest of the internal IT environment.
(D4.3 L4.3.3)
National Institute of Standards and Technology (NIST)
Demilitarized Zone (DMZ)
Virtual Private Network (VPN)
Virtual Local Area Network (VLAN)
Demilitarized Zone (DMZ)
Which of the following tools can be used to grant remote users access to the internal IT environment?
(D 4.3 L4.3.3)
