ISC2 Cybersecurity Test | 100% Correct Answers | Verified | Latest 2024 Version

ISC2 Cybersecurity Test | 100% Correct Answers | Verified | Latest 2024 Version According to the canon "Provide diligent and competent service to principals", ISC2 professionals are to: - Avoid apparent or actual conflicts of interest. Risk Management is: - The identification, evaluation and prioritization of risks. What is the consequence of a Denial Of Service attack? - Exhaustion of device resources In which cloud model does the cloud customer have LESS responsibility over the infrastructure? - SaaS (Software as a Service) The SMTP protocol operates at OSI Level: - 7 Which of these would be the best option if a network administrator needs to control access to a network? - NAC Which security principle states that a user should only have the necessary permission to execute a task? - Least Privilege Which of the following cloud models allows access to fundamental computer resources? - Infrastructure as a Service (IaaS) provides the capability to provision processing, storage, networks, and other fundamental computing resources Which of these has the PRIMARY objective of identifying and prioritizing critical business processes? - Business Impact Analysis Which access control model specifies access to an object based on the subject's role in the organization? - The role-based access control (RBAC) model is well known for governing access to objects based on the roles of individual users within the organization. Which of the following Cybersecurity concepts guarantees that information is accessible only to those authorized to access it? - Confidentiality Which of the following are NOT types of security controls? - Storage controls Which port is used to secure communication over the web (HTTPS)? - Port 443 is the one reserved for HTTPS connections. In Change Management, which component addresses the procedures needed to undo changes? - Rollback phase addresses the actions to take when the monitoring change suggests a failure or inadequate performance. Which type of attack attempts to gain information by observing the device's power consumption? - side-channel attack is a passive and non-invasive attack aiming to extract information from a running system Which of the following canons is found in the ISC2 code of ethics? - "Provide diligent and competent service to principals" contains the accurate text of the ISC2 code of ethics. Which of these is the PRIMARY objective of a Disaster Recovery Plan? - Restore company operation to the last-known reliable operation state Which of these is not an attack against an IP network? - Side Channel Attacks are non-invasive attacks that extract information from devices (typically devices running cryptographic algorithms), and therefore do not aim at IP networks Which of the following is NOT a type of learning activity used in Security Awareness? - Tutorial is a form of training, but is not on the list of types of learning activities. Which are the components of an incident response plan? - Preparation-> Detection and Analysis -> Containment, Education and Recovery -> Post Incident Activity