ISC2 CC Exam Domain 2 questions with accurate detailed solutions

2



ISC2 CC Exam Domain 2 questions with accurate detailed
|| || || || || || || || ||




solutions


Breach - ✔✔occurrence where a person other than the authorized user accesses PII or an
|| || || || || || || || || || || || || || ||




authorized person accesses the info for an unauthorized purpose || || || || || || || ||




event - ✔✔any observable occurrence in a net work or system
|| || || || || || || || || ||




exploit - ✔✔A particular attack. It is named this way because these attacks exploit system
|| || || || || || || || || || || || || || ||




vulnerabilities.


incident - ✔✔An event that actually or potentially jeopardizes the confidentiality, integrity or
|| || || || || || || || || || || || ||




availability of an information system or the information the system processes, stores or transmits.
|| || || || || || || || || || || || ||




intrusion - ✔✔A security event, or combination of security events, that constitutes a security
|| || || || || || || || || || || || || ||




incident in which an intruder gains, or attempts to gain, access to a system or system resource
|| || || || || || || || || || || || || || || || ||




without authorization. ||




threat - ✔✔circumstance or event with the potential to adversely impact org operations, assets,
|| || || || || || || || || || || || || ||




individuals, other orgs, or the nation through an info system via unauthorized access, destruction,
|| || || || || || || || || || || || || ||




disclosure, modification of information and/or DoS || || || || ||




vulnerability - ✔✔weakness in an info system, system security procedures, internal controls, or
|| || || || || || || || || || || || ||




implementation that could be exploited by a threat source || || || || || || || ||




Zero Source - ✔✔a previously unknown system vulnerability with the potential of exploitation
|| || || || || || || || || || || || ||




without risk of detection or prevention because it does not, in general, fit recognized patterns,
|| || || || || || || || || || || || || || ||




signatures, or methods. || ||




The goal of incident response - ✔✔protect life, health, society
|| || || || || || || || ||

, 2


choose safety first when choosing priorities
|| || || || ||




goal of incident management - ✔✔to be prepared for a crisis
|| || || || || || || || || ||




incident response plan is aimed at - ✔✔reducing impact of an incident so org can resume
|| || || || || || || || || || || || || || || ||




interrupted operations ASAP || ||




Business continuity planning (BCP) - ✔✔proactive development of procedures and controls to
|| || || || || || || || || || || ||




restore business operations after a significant disruption to the org whether natural or man made
|| || || || || || || || || || || || || ||




BCP also known as - ✔✔COOP Continuity of Operations Planning
|| || || || || || || || ||




BCP directly impacts which goal of information security - ✔✔availability
|| || || || || || || || ||




who helps create BCP - ✔✔members across the org to ensure everything is accounted for
|| || || || || || || || || || || || || ||




components of a comprehensive BCP - ✔✔- List of BCP team members (contact methods,
|| || || || || || || || || || || || || ||




backup members) ||




- Guidance for management (designation of authority)
|| || || || || ||




- Immediate response procedures (security + safety, fire suppression, emergency response
|| || || || || || || || || || ||




agencies)
- Notification system and call trees (for alerting personnel)
|| || || || || || || ||




- How/When to enact BCP
|| || || ||




- Contact numbers for critical members of the supply chain (vendors, customers, emergency
|| || || || || || || || || || || || ||




providers)


Business Impact Assessment (BIA) - ✔✔- A risk assessment that uses a quantitative or
|| || || || || || || || || || || || || ||




qualitative process ||