
ISC2 Certified in Cybersecurity (CC) Exam Prep Test Bank: 260+ Q&A with Detailed Explanations

Pages: 283
Grade: A+
Uploaded on: 15-08-2025
Written in: 2025/2026

Ace Your ISC2 Certified in Cybersecurity (CC) Exam with Confidence! Are you preparing for the ISC2 CC certification and need a comprehensive, high-yield resource to ensure success? Look no further! This 260+ Question and Answer PDF is meticulously crafted to mirror the latest ISC2 CC exam format, complete with detailed explanations for each answer.

What’s Inside?

  • 260+ carefully curated exam-style questions
  • Clear, concise explanations for every answer to deepen your understanding
  • Covers all domains: Security Principles, Risk Management, Network Security, and more
  • Perfect for self-study or last-minute revision
  • Aligned with ISC2 CC 2024 syllabus

Institution: ISC2
Module: ISC2












Document information

Uploaded on: August 15, 2025
Number of pages: 283
Written in: 2025/2026
Type: Exam (elaborations)
Contains: Questions & answers

Subjects

  • cc exam 2024 prep

Content preview

ISC2 CyberSecurity Exam Questions
100% Pass
Question: 1
Which access control is MORE effective at protecting a door against unauthorized access?
A. Fences
B. Turnstiles
C. Barriers
D. Locks

Answer: D
Explanation:
A lock is a device that prevents a physical structure (typically a door) from being opened,
so that only the authorized person (i.e. the person with the key) can open it. A
fence or a barrier will prevent ALL access. Turnstiles are physical barriers that can be
easily overcome (after all, it is common knowledge that intruders can easily jump over a
turnstile when no one is watching).

Question: 2
Which type of attack PRIMARILY aims to make a resource inaccessible to its intended
users?

A. Phishing
B. Denial of Service
C. Trojans
D. Cross-Site Scripting

Answer: B
Explanation:
A denial of service (DoS) attack consists of compromising the availability of a system or
service through a malicious overload of requests, which causes the activation of safety
mechanisms that delay or limit the availability of that system or service. As a result,
systems or services are rendered inaccessible to their intended users. Trojans, phishing,
and cross-site scripting attacks try to covertly gain access to the system or data, and
therefore do not primarily aim at compromising the system's availability.

Question: 3
Which devices have the PRIMARY objective of collecting and analysing security events?




A. Firewalls
B. Hubs
C. Routers
D. SIEM

Answer: D

Explanation:
A Security Information and Event Management (SIEM) system is an application that
gathers security data from information system components and presents actionable
information through a unified interface. Routers and Hubs aim to receive and forward
traffic. Firewalls filter incoming traffic. None of these last three options aims at
collecting and analysing security events.

Question: 4

Which access control model specifies access to an object based on the subject's
role in the organization?

A. RBAC
B. MAC
C. ABAC
D. DAC
Answer: A
Explanation:
The role-based access control (RBAC) model is well known for governing access to
objects based on the roles of individual users within the organization. Mandatory access
control is based on security classifications. Attribute-based access control is based on
complex attribute rules. In discretionary access control, subjects can grant privileges to
other subjects and change some of the security attributes of the objects they have access
to.




Question: 5
When a company hires an insurance company to mitigate risk, which risk management
technique is being applied?

A. Risk transfer
B. Risk avoidance
C. Risk mitigation
D. Risk tolerance
Answer: A
Explanation:
Risk transfer is a risk management strategy that contractually shifts a pure risk from one
party to another (in this case, to an insurance company). Risk avoidance consists of stopping
activities and exposures that can negatively affect an organization and its assets. Risk
mitigation consists of mechanisms to reduce the risk. Finally, risk tolerance is the degree of
risk that an investor is willing to endure.

Question: 6
Which type of attack will most effectively provide privileged access (root access in
Unix/Linux platforms) to a computer while hiding its presence?

A. Rootkits
B. Phishing
C. Cross-Site Scripting
D. Trojans
Answer: A

Explanation:
A rootkit tries to maintain root-level access while concealing malicious activity. It
typically creates a backdoor and attempts to remain undetected by anti-malware software.
A rootkit is active while the system is running. Trojans can also create backdoors but are
only active while a specific application is running, and thus are not as effective as a
rootkit. Phishing is used to initiate attacks by redirecting the user to fake websites. Cross-
Site Scripting is used to attack websites.
Question: 7

Which device is used to connect a LAN to the Internet?

A. Router
B. Firewall
C. HIDS
D. SIEM



Get to know the seller

Topgraders Oxford University