⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪛⪴⪴⪷ ⪱⪘⪞⪴⪸ε ΘΙΙ μλΜιΙ ππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜιΙππππ ιΤΜΜτλμτΧ⪛⪴⪴⪷ ⪱⪘⪞⪴⪸ε ΘΙΙμλΜιΙππππ ιΤΜΜτλμτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜιΙππππ ιΤΜΜτλμτΧ⪛⪴⪴⪷ ⪱⪘⪞⪴⪸ε ΘΙΙμλΜιΙππππ ιΤΜΜτλμτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜιΙππππ ιΤΜΜτλμτΧ⪛⪴⪴⪷ ⪱⪘⪞⪴⪸ε ΘΙΙμλΜιΙππππ ιΤΜΜτλμτΧ
According to the canon "Provide diligent and competent service to principals",
ISC2 professionals are to: - correct answer ✔Avoid apparent or actual conflicts
of interest.
Risk Management is: - correct answer ✔The identification, evaluation and
prioritization of risks.
What is the consequence of a Denial Of Service attack? - correct answer
✔Exhaustion of device resources
In which cloud model does the cloud customer have LESS responsibility over the
infrastructure? - correct answer ✔SaaS (Software as a Service)
The SMTP protocol operates at OSI Level: - correct answer ✔7
Which of these would be the best option if a network administrator needs to
control access to a network? - correct answer ✔NAC
Which security principle states that a user should only have the necessary
permission to execute a task? - correct answer ✔Least Privilege
Which of the following cloud models allows access to fundamental computer
resources? - correct answer ✔Infrastructure as a Service (IaaS) provides the
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
,⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪛⪴⪴⪷ ⪱⪘⪞⪴⪸ε ΘΙΙ μλΜιΙ ππππ ιΤΜΜτλ μτΧ
capability to provision processing, storage, networks, and other fundamental
computing resources
Which of these has the PRIMARY objective of identifying and prioritizing critical
business processes? - correct answer ✔Business Impact Analysis
Which access control model specifies access to an object based on the subject's
role in the organization? - correct answer ✔The role-based access control
(RBAC) model is well known for governing access to objects based on the roles
of individual users within the organization.
Which of the following Cybersecurity concepts guarantees that information is
accessible only to those authorized to access it? - correct answer
✔Confidentiality
Which of the following are NOT types of security controls? - correct answer
✔Storage controls
Which port is used to secure communication over the web (HTTPS)? - correct
answer ✔Port 443 is the one reserved for HTTPS connections.
In Change Management, which component addresses the procedures needed to
undo changes? - correct answer ✔Rollback phase addresses the actions to take
when the monitoring change suggests a failure or inadequate performance.
Which type of attack attempts to gain information by observing the device's
power consumption? - correct answer ✔side-channel attack
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
, ⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪛⪴⪴⪷ ⪱⪘⪞⪴⪸ε ΘΙΙ μλΜιΙ ππππ ιΤΜΜτλ μτΧ
is a passive and non-invasive attack aiming to extract information from a
running system
Which of the following canons is found in the ISC2 code of ethics? - correct
answer ✔"Provide diligent and competent service to principals" contains the
accurate text of the ISC2 code of ethics.
Which of these is the PRIMARY objective of a Disaster Recovery Plan? - correct
answer ✔Restore company operation to the last-known reliable operation state
Which of these is not an attack against an IP network? - correct answer ✔Side
Channel Attacks are non-invasive attacks that extract information from devices
(typically devices running cryptographic algorithms), and therefore do not aim
at IP networks
Which of the following is NOT a type of learning activity used in Security
Awareness? - correct answer ✔Tutorial
is a form of training, but is not on the list of types of learning activities.
Which are the components of an incident response plan? - correct answer
✔Preparation-> Detection and Analysis -> Containment, Education and Recovery
-> Post Incident Activity
Which type of attack embeds malicious payload inside a reputable or trusted
software? - correct answer ✔Trojans
are a type of software that appears legitimate but has hidden malicious
functions that evade security mechanisms, typically by exploiting legitimate
authorizations of the user that invokes the program.
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪛⪴⪴⪷ ⪱⪘⪞⪴⪸ε ΘΙΙ μλΜιΙ ππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜιΙππππ ιΤΜΜτλμτΧ⪛⪴⪴⪷ ⪱⪘⪞⪴⪸ε ΘΙΙμλΜιΙππππ ιΤΜΜτλμτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜιΙππππ ιΤΜΜτλμτΧ⪛⪴⪴⪷ ⪱⪘⪞⪴⪸ε ΘΙΙμλΜιΙππππ ιΤΜΜτλμτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜιΙππππ ιΤΜΜτλμτΧ⪛⪴⪴⪷ ⪱⪘⪞⪴⪸ε ΘΙΙμλΜιΙππππ ιΤΜΜτλμτΧ
According to the canon "Provide diligent and competent service to principals",
ISC2 professionals are to: - correct answer ✔Avoid apparent or actual conflicts
of interest.
Risk Management is: - correct answer ✔The identification, evaluation and
prioritization of risks.
What is the consequence of a Denial Of Service attack? - correct answer
✔Exhaustion of device resources
In which cloud model does the cloud customer have LESS responsibility over the
infrastructure? - correct answer ✔SaaS (Software as a Service)
The SMTP protocol operates at OSI Level: - correct answer ✔7
Which of these would be the best option if a network administrator needs to
control access to a network? - correct answer ✔NAC
Which security principle states that a user should only have the necessary
permission to execute a task? - correct answer ✔Least Privilege
Which of the following cloud models allows access to fundamental computer
resources? - correct answer ✔Infrastructure as a Service (IaaS) provides the
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
,⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪛⪴⪴⪷ ⪱⪘⪞⪴⪸ε ΘΙΙ μλΜιΙ ππππ ιΤΜΜτλ μτΧ
capability to provision processing, storage, networks, and other fundamental
computing resources
Which of these has the PRIMARY objective of identifying and prioritizing critical
business processes? - correct answer ✔Business Impact Analysis
Which access control model specifies access to an object based on the subject's
role in the organization? - correct answer ✔The role-based access control
(RBAC) model is well known for governing access to objects based on the roles
of individual users within the organization.
Which of the following Cybersecurity concepts guarantees that information is
accessible only to those authorized to access it? - correct answer
✔Confidentiality
Which of the following are NOT types of security controls? - correct answer
✔Storage controls
Which port is used to secure communication over the web (HTTPS)? - correct
answer ✔Port 443 is the one reserved for HTTPS connections.
In Change Management, which component addresses the procedures needed to
undo changes? - correct answer ✔Rollback phase addresses the actions to take
when the monitoring change suggests a failure or inadequate performance.
Which type of attack attempts to gain information by observing the device's
power consumption? - correct answer ✔side-channel attack
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
, ⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪛⪴⪴⪷ ⪱⪘⪞⪴⪸ε ΘΙΙ μλΜιΙ ππππ ιΤΜΜτλ μτΧ
is a passive and non-invasive attack aiming to extract information from a
running system
Which of the following canons is found in the ISC2 code of ethics? - correct
answer ✔"Provide diligent and competent service to principals" contains the
accurate text of the ISC2 code of ethics.
Which of these is the PRIMARY objective of a Disaster Recovery Plan? - correct
answer ✔Restore company operation to the last-known reliable operation state
Which of these is not an attack against an IP network? - correct answer ✔Side
Channel Attacks are non-invasive attacks that extract information from devices
(typically devices running cryptographic algorithms), and therefore do not aim
at IP networks
Which of the following is NOT a type of learning activity used in Security
Awareness? - correct answer ✔Tutorial
is a form of training, but is not on the list of types of learning activities.
Which are the components of an incident response plan? - correct answer
✔Preparation-> Detection and Analysis -> Containment, Education and Recovery
-> Post Incident Activity
Which type of attack embeds malicious payload inside a reputable or trusted
software? - correct answer ✔Trojans
are a type of software that appears legitimate but has hidden malicious
functions that evade security mechanisms, typically by exploiting legitimate
authorizations of the user that invokes the program.
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
⪛⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙ ΙμλΜι Ιππππ ιΤΜΜτλ μτΧ⪛ ⪴⪴⪷⪱⪘ ⪞⪴⪸εΘΙΙμλΜ ιΙππππ ιΤΜΜτλ μτΧ
