ISC Certified in Cybersecurity Exam
Questions with Correct Answers
What is the most important aspect of security awareness/training? (D5.4, L5.4.1)
a. Protecting assets
b. Maximizing business capabilities
c. Ensuring the confidentiality of data
d. Protecting health and human safety - ANSWER-Protecting health and human
safety
Which entity is most likely to be tasked with monitoring and enforcing security policy?
(D5.3, L5.3.1)
a. The Human Resources Office
b. The legal department
c. Regulators
d. The security office - ANSWER-The security office
Which organizational policy is most likely to indicate which types of smartphones can
be used to connect to the internal IT environment? (D5.3, L5.3.1)
a. The CM policy (change management)
b. The password policy
c. The AUP (acceptable use policy)
d. The BYOD policy (bring your own device) - ANSWER-The BYOD policy (bring
your own device)
Common network device used to connect networks.
Server
Endpoint
Router
Switch - ANSWER-Router
A common network device used to filter traffic
Server
Endpoint
Ethernet
Firewall - ANSWER-Firewall
endpoint <------> Web server
Which port number is associated with the protocol typically used in this connection?
(D 4.1 L4.1.2)
21
53
80
161 - ANSWER-80
,An attack against the availability of a network/system, typically uses many attacking
machines to direct traffic against a given target. (D4.2 L4.2.1)
Worm
Virus
Stealth
DDoS - ANSWER-DDoS
A security solution installed on an endpoint in order to detect potentially anomalous
activity. (D4.2 L4.2.2)
Router
Host-Based Intrusion Prevention System
Switch
Security incident and event management system (SIEM) - ANSWER-Host-Based
Intrusion Prevention System
A security solution that detects, identifies and often quarantines potentially hostile
software. (D4.2, L4.2.2)
Firewall
Guard
Camera
Anti-Malware - ANSWER-Anti-Malware
The common term used to describe the mechanisms that control the temperature
and humidity in a data center. (D4.3 L4.3.1)
VLAN (virtual local area network)
HVAC (heating, ventilation and air conditioning)
STAT (system temperature and timing)
TAWC (temperature and water control) - ANSWER-HVAC (heating, ventilation and
air conditioning)
A cloud arrangement whereby the provider owns and manages the hardware,
operating system, and applications in the cloud, and the customer owns the data.
(D4.3 L4.3.2)
Infrastructure as a service (IaaS)
Morphing as a service (MaaS)
Platform as a service (PaaS)
Software as a service (SaaS) - ANSWER-Software as a service (SaaS)
A portion of the organization's network that interfaces directly with the outside world,
typically, this exposed area has more security controls and restrictions than the rest
of the internal IT environment. (D4.3 L4.3.3)
National Institute of Standards and Technology (NIST)
Demilitarized Zone (DMZ)
Virtual Private Network (VPN)
Virtual Local Area Network (VLAN) - ANSWER-Demilitarized Zone (DMZ)
Which of the following tools can be used to grant remote users access to the internal
IT environment? (D 4.3 L4.3.3)
VLAN (Virtual Local Area Network)
, VPN (Virtual Private Network)
DDoS (Distributed Denial-of-Service)
MAC (Media Access Control) - ANSWER-Virtual Private Network (VPN)
Which of the following is a subject?
A file
A fence
A filename
A user - ANSWER-A user
Lia works in the security office. During research, Lia learns that a configuration
change could better protect the organization's IT environment. Lia makes a proposal
for this change, but the change cannot be implemented until it is approved, tested,
and then cleared for deployment by the Change Control Board. This is an example of
__________. (D3, L3.1.1)
Defense in Depth
Holistic Security
Threat Intelligence
Segregation of Duties - ANSWER-Segregation of Duties
Duncan and Mira both work in the data center at Triffid, Inc. There is a policy in place
that requires both of them to be present in the data center at the same time. if one of
them has to leave for any reason, the other has to step out, too, until they can both
re-enter. This is called ________. (D 3, L3.1.1)
Blockade
MFA
Two-Person Integrity
Defense in Depth - ANSWER-Two-person integrity
Clyde is the security analyst tasked with finding an appropriate physical control to
reduce the possibility that unbadged people will follow badged employees through
the entrance of the organization's facility. Which of the following can address this
risk? (D3, L3.2.1)
Fences
Dogs
Bollards
Turnstiles - ANSWER-Turnstiles
Sinka is considering a physical deterrent control to dissuade unauthorized people
from entering the organization's property. Which of the following would serve this
purpose? (D3, L3.2.1)
A wall
Razor Tape
A sign
A hidden camera - ANSWER-Razor Tape
Which of these combinations of physical security controls share a single point of
failure? (D3, L3.2.1)
Guards and fences
Badge readers and walls
Questions with Correct Answers
What is the most important aspect of security awareness/training? (D5.4, L5.4.1)
a. Protecting assets
b. Maximizing business capabilities
c. Ensuring the confidentiality of data
d. Protecting health and human safety - ANSWER-Protecting health and human
safety
Which entity is most likely to be tasked with monitoring and enforcing security policy?
(D5.3, L5.3.1)
a. The Human Resources Office
b. The legal department
c. Regulators
d. The security office - ANSWER-The security office
Which organizational policy is most likely to indicate which types of smartphones can
be used to connect to the internal IT environment? (D5.3, L5.3.1)
a. The CM policy (change management)
b. The password policy
c. The AUP (acceptable use policy)
d. The BYOD policy (bring your own device) - ANSWER-The BYOD policy (bring
your own device)
Common network device used to connect networks.
Server
Endpoint
Router
Switch - ANSWER-Router
A common network device used to filter traffic
Server
Endpoint
Ethernet
Firewall - ANSWER-Firewall
endpoint <------> Web server
Which port number is associated with the protocol typically used in this connection?
(D 4.1 L4.1.2)
21
53
80
161 - ANSWER-80
,An attack against the availability of a network/system, typically uses many attacking
machines to direct traffic against a given target. (D4.2 L4.2.1)
Worm
Virus
Stealth
DDoS - ANSWER-DDoS
A security solution installed on an endpoint in order to detect potentially anomalous
activity. (D4.2 L4.2.2)
Router
Host-Based Intrusion Prevention System
Switch
Security incident and event management system (SIEM) - ANSWER-Host-Based
Intrusion Prevention System
A security solution that detects, identifies and often quarantines potentially hostile
software. (D4.2, L4.2.2)
Firewall
Guard
Camera
Anti-Malware - ANSWER-Anti-Malware
The common term used to describe the mechanisms that control the temperature
and humidity in a data center. (D4.3 L4.3.1)
VLAN (virtual local area network)
HVAC (heating, ventilation and air conditioning)
STAT (system temperature and timing)
TAWC (temperature and water control) - ANSWER-HVAC (heating, ventilation and
air conditioning)
A cloud arrangement whereby the provider owns and manages the hardware,
operating system, and applications in the cloud, and the customer owns the data.
(D4.3 L4.3.2)
Infrastructure as a service (IaaS)
Morphing as a service (MaaS)
Platform as a service (PaaS)
Software as a service (SaaS) - ANSWER-Software as a service (SaaS)
A portion of the organization's network that interfaces directly with the outside world,
typically, this exposed area has more security controls and restrictions than the rest
of the internal IT environment. (D4.3 L4.3.3)
National Institute of Standards and Technology (NIST)
Demilitarized Zone (DMZ)
Virtual Private Network (VPN)
Virtual Local Area Network (VLAN) - ANSWER-Demilitarized Zone (DMZ)
Which of the following tools can be used to grant remote users access to the internal
IT environment? (D 4.3 L4.3.3)
VLAN (Virtual Local Area Network)
, VPN (Virtual Private Network)
DDoS (Distributed Denial-of-Service)
MAC (Media Access Control) - ANSWER-Virtual Private Network (VPN)
Which of the following is a subject?
A file
A fence
A filename
A user - ANSWER-A user
Lia works in the security office. During research, Lia learns that a configuration
change could better protect the organization's IT environment. Lia makes a proposal
for this change, but the change cannot be implemented until it is approved, tested,
and then cleared for deployment by the Change Control Board. This is an example of
__________. (D3, L3.1.1)
Defense in Depth
Holistic Security
Threat Intelligence
Segregation of Duties - ANSWER-Segregation of Duties
Duncan and Mira both work in the data center at Triffid, Inc. There is a policy in place
that requires both of them to be present in the data center at the same time. if one of
them has to leave for any reason, the other has to step out, too, until they can both
re-enter. This is called ________. (D 3, L3.1.1)
Blockade
MFA
Two-Person Integrity
Defense in Depth - ANSWER-Two-person integrity
Clyde is the security analyst tasked with finding an appropriate physical control to
reduce the possibility that unbadged people will follow badged employees through
the entrance of the organization's facility. Which of the following can address this
risk? (D3, L3.2.1)
Fences
Dogs
Bollards
Turnstiles - ANSWER-Turnstiles
Sinka is considering a physical deterrent control to dissuade unauthorized people
from entering the organization's property. Which of the following would serve this
purpose? (D3, L3.2.1)
A wall
Razor Tape
A sign
A hidden camera - ANSWER-Razor Tape
Which of these combinations of physical security controls share a single point of
failure? (D3, L3.2.1)
Guards and fences
Badge readers and walls