(ISC)2 Certified in Cybersecurity - Exam Prep Questions and Answers Graded A
Document specific requirements that a customer has about any aspect of a vendor's service performance.
A) DLR
B) Contract
C) SLR
D) NDA - ANSWER -C) SLR (Service-Level Requirements)
An organization's _________ is the set of risks that it faces. - ANSWER -Risk Profile
_________ identifies and triages risks. - ANSWER -Risk Assessment
_________ Initial Risk of an organization. - ANSWER -Inherent Risk
_________ are external forces that jeopardize security. - ANSWER -Threats
_________ Risk that remains in an organization after controls. - ANSWER -Residual Risk
_________ are methods used by attackers. - ANSWER -Threat Vectors
_________ is the level of risk an organization is willing to accept. - ANSWER -Risk Tolerance
_________ are the combination of a threat and a vulnerability. - ANSWER -Risks
_________ reduce the likelihood or impact of a risk and help identify issues. - ANSWER -Security Controls
We rank risks by _________ and _________. - ANSWER -Likelihood and impact
_________ stop a security issue from occurring. - ANSWER -Preventive Control
_________ use subjective ratings to evaluate risk likelihood and impact. - ANSWER -Qualitative Risk Assessment
_________ identify security issues requiring investigation. - ANSWER -Detective Control
_________ use objective numeric ratings to evaluate risk likelihood and impact. - ANSWER -Quantitative Risk Assessment
_________ remediate security issues that have occurred. - ANSWER -Recovery Control
_________ analyzes and implements possible responses to control risk. - ANSWER -Risk Treatment
_________ reduces the likelihood or impact of a risk. - ANSWER -Risk Mitigation
_________ changes business practices to make a risk irrelevant. - ANSWER -Risk Avoidance
Hardening == Preventative - ANSWER -Virus == Detective
Backups == Recovery - ANSWER -For exam (Local and Technical Controls are the same)
_________ use technology to achieve control objectives. - ANSWER -Technical Controls
_________ use processes to achieve control objectives. - ANSWER -Administrative Controls
_________ impact the physical world. - ANSWER -Physical Controls
_________ tracks specific device settings. - ANSWER -Configuration Management
_________ provide a configuration snapshot. - ANSWER -Baselines (track changes)
_________ assigns numbers to each version. - ANSWER -Versioning
_________ serve as important configuration artifacts. - ANSWER -Diagrams
_________ and _________ help ensure a stable operating environment. - ANSWER -Change and Configuration Management
Purchasing an insurance policy is an example of which risk management strategy? - ANSWER -Risk Transference
What two factors are used to evaluate a risk? - ANSWER -Likelihood and Impact
What term best describes making a snapshot of a system or application at a point in time for later comparison? - ANSWER -Baselining
What type of security control is designed to stop a security issue from occurring in the first place? - ANSWER -Preventive
What term describes risks that originate inside the organization? - ANSWER -Internal
What four items belong to the security policy framework? - ANSWER -Policies, Standards, Guidelines, Procedures
_________ describe an organization's security expectations. - ANSWER -Policies (mandatory and approved at the highest level of an organization)
_________ describe specific security controls and are often derived from policies. - ANSWER -Standards (mandatory)
_________ describe best practices. - ANSWER -Guidelines (recommendations/advice and compliance is not mandatory)
_________ step-by-step instructions. - ANSWER -Procedures (not mandatory)
_________ describe authorized uses of technology. - ANSWER -Acceptable Use Policies (AUP)
_________ describe how to protect sensitive information. - ANSWER -Data Handling Policies
_________ cover password security practices. - ANSWER -Password Policies
_________ cover use of personal devices with company information. - ANSWER -Bring Your Own Device (BYOD) Policies
_________ cover the use of personally identifiable information. - ANSWER -Privacy Policies
_________ cover the documentation, approval, and rollback of technology changes. - ANSWER -Change Management Policies
Which element of the security policy framework includes suggestions that are not mandatory? - ANSWER -Guidelines
What law applies to the use of personal information belonging to European Union residents? - ANSWER -GDPR
What type of security policy normally describes how users may access business information with their own devices? - ANSWER -BYOD Policy
_________ the set of controls designed to keep a business running in the face of adversity, whether natural or man-made. - ANSWER -Business Continuity Planning (BCP)
BCP is also known as _________. - ANSWER -Continuity of Operations Planning (COOP)
Defining the BCP Scope: - ANSWER -What business activities will the plan cover? What systems will it cover? What controls will it consider?
_________ identifies and prioritizes risks. - ANSWER -Business Impact Assessment
BCP in the cloud requires _________ between providers and customers. - ANSWER -Collaboration
_________ protects against the failure of a single component. - ANSWER -Redundancy
_________ identifies and removes SPOFs. - ANSWER -Single Point of Failure Analysis
_________ continues until the cost of addressing risks outweighs the benefit. - ANSWER -SPOF Analysis
_________ uses multiple systems to protect against service failure. - ANSWER -High Availability
_________ makes a single system resilient against technical failures. - ANSWER -Fault Tolerance
_________ spreads demand across systems. - ANSWER -Load Balancing
3 Common Points of Failure in a system. -
ANSWER -Power Supply, Storage Media, Networking
Disk Mirroring is which RAID level? - ANSWER -1
Disk striping with parity is which RAID level? - ANSWER -5 (uses 3 or more disks to store data)
What goal of security is enhanced by a strong business continuity program? - ANSWER -Availability
What is the minimum number of disks required to perform RAID level 5? - ANSWER -3
What type of control are we using if we supplement a single firewall with a second standby firewall ready to assume responsibility if the primary firewall fails? - ANSWER -High Availability
_________ provide structure during cybersecurity incidents. - ANSWER -Incident Response Plan
_________ describe the policies and procedures governing cybersecurity incidents. - ANSWER -Incident Response Plans
_________ leads to strong incident response. - ANSWER -Prior Planning
Incident Response Plans should include: - ANSWER -Statement of Purpose, Strategies and goals for incident response, Approach to incident response, Communication with other groups, Senior leadership approval
_________ should be consulted when developing a plan. - ANSWER -NIST SP 800-61
Incident response teams must have personnel available _________. - ANSWER -24/7
_________ is crucial to effective incident identification. - ANSWER -Monitoring
_________ security solution that collects information from diverse sources, analyzes it for signs of security incidents and retains it for later use. - ANSWER -Security Incident and Event Management (SIEM)
The highest priority of a first responder must be containing damage through _________. - ANSWER -Isolation
During an incident response, what is the highest priority of first responders? - ANSWER -Containing the damage
You are normally required to report security incidents to law enforcement if you believe a law may have been violated. True or False - ANSWER -False
_________ restores normal operations as quickly as possible. - ANSWER -Disaster Recovery
What are the initial response goals regarding Disaster Recovery? - ANSWER -Contain the Damage, Recover normal operations
_________ is the amount of time to restore service. -