(ISC)2 Certified in Cyber Security Questions
and Answers (100% Correct Answers) Already
Graded A+
What are the 4 (ISC)2 Codes of Ethics? Ans: 1. Protect society and
infrastructure (Hacking)
2. Act honourably, justly and within laws (Lying)
© 2026 Assignment Expert
3. Serve principles diligently and competently (Fulfil your duties)
Guru01 - Stuvia
4. Advance the information security profession (Helping cheat exams)
What are the 5 confidentiality concerns? (CIA) Ans: 1. Snooping
(gathering information that is left out in the open)
2. Dumpster Diving (Looking through trash for information)
3. Eavesdropping
4. Wiretapping (Electronic Eavesdropping)
5. Social Engineering (psychological tricks to persuade an employee to give
up information or give access to it)
What are the 4 Integrity Concerns? (CIA) Ans: 1. Unauthorized
Modification (Attackers make changes without permission)
,For Expert help and assignment handling,
2. Impersonation
3. Man-in-the-Middle (MITM) (Attackers place themselves in the
middle of communication sessions)
4. Replay (Attackers eavesdrop on logins and reuse the captured
credentials)
What are the 5 Availability Concerns? (CIA) Ans: 1. Denial of Service
(DoS)
2. Power Outages
3. Hardware Failures
4. Destruction
5. Service Outages
What are the 3 main steps of the Access Control Process? Ans: 1.
Identification (Username)
2. Authentication (Password)
3. Authorization (Access Control List)
What are the 4 password requirements to ensure security? Ans: 1. Length
2. Complexity
3. Expiration
4. History
What is a useful tool for securing passwords? Ans: Password Managers
What are the 3 main privacy concerns of an organisation? Ans: 1.
Protecting Organisation Data
2. Educating users to protect their own data
3. Protecting users' data
What are the 2 main types of private information? Ans: 1. PII - Personally
Identifiable Information
2. PHI - Protected Health Information
What precedent determines many laws that govern information
protection? Ans: The reasonable expectation of privacy
e.g., Emailing? = Yes, Posting on YouTube? = No
What are the 3 steps of the risk management process? Ans: 1.
Identification
2. Assessment
3. Treatment
What are the three main areas of Risk? Ans: 1. Internal Risks
2. External Risks
3. Multiparty Risks (Lots of threat actors - Intellectual theft)
What is the equation for determining risk? Ans: Likelihood + Impact = Risk
Level
What are the 2 types of risk assessment? Ans: 1. Qualitative Techniques
(RAG)
2. Quantitative Techniques (numeric ratings)
What are the 4 types of risk treatment? Ans: 1. Avoidance
2. Transference
3. Mitigation
4. Acceptance
What term do we use to define the combination of risks that an
organisation faces? Ans: Risk Profile
What are the three types of risk that are associated with the state of their
remediation? Ans: 1. Inherent risk (Initial level of risk - prior to controls)
2. Residual risk (Level of risk - post controls)